2005-12-30 11:07:20

by Kalin KOZHUHAROV

[permalink] [raw]
Subject: rpc.statd: open (/var/lib/nfs/state): Permission denied

Hi, there!

I guess it is not the bes time to ask, but some of us have busy hollidays...

So I am upgrading a small network to rely more on NFSv3 (All are Gentoo boxen) and I ran into a problem.

On one of the server machines, rpc.statd cannot start:

celina nfs # rpc.statd -Fd
12/30/2005 19:01:49 rpc.statd[17982]: Version 1.0.7 Starting
12/30/2005 19:01:49 rpc.statd[17982]: Flags: No-Daemon Log-STDERR
12/30/2005 19:01:49 rpc.statd[17982]: open (/var/lib/nfs/state): Permission denied

celina nfs # strace -s64 -f -e setuid32,open,socket,bind,dup,close rpc.statd -Fd

[snip]

12/30/2005 19:44:10 rpc.statd[18113]: Version 1.0.7 Starting
12/30/2005 19:44:10 rpc.statd[18113]: Flags: No-Daemon Log-STDERR
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3
bind(3, {sa_family=AF_INET, sin_port=htons(905), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
open("/var/run/rpc.statd.pid", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 4
dup(4) = 5
close(4) = 0
setuid32(65534) = 0
socket(PF_NETLINK, SOCK_RAW, 0) = 4
bind(4, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
close(4) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 4
bind(4, {sa_family=AF_INET, sin_port=htons(906), sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EACCES
(Permission denied)
close(4) = 0
open("/var/lib/nfs/state", O_RDWR|O_CREAT, 0600) = -1 EACCES (Permission denied)
12/30/2005 19:44:10 rpc.statd[18113]: open (/var/lib/nfs/state): Permission denied

celina nfs # ls -ld /var/lib/nfs/{,state}
drwxr-xr-x 7 root root 304 Dec 30 18:42 /var/lib/nfs/
-rw------- 1 nobody root 6 Dec 30 18:50 /var/lib/nfs/state

celina nfs # getfacl /var/lib/nfs/{,state}
getfacl: Removing leading '/' from absolute path names
# file: var/lib/nfs
# owner: root
# group: root
user::rwx
group::r-x
other::r-x

# file: var/lib/nfs/state
# owner: nobody
# group: root
user::rw-
group::---
other::---

celina nfs # grep nobody /etc/{passwd,group}
/etc/passwd:nobody:x:65534:65534:nobody:/:/bin/false
/etc/group:nobody:x:65534:

celina nfs # lsmod |grep nfs
nfs 114028 0
nfsd 111240 0
exportfs 5984 1 nfsd
nfs_acl 3680 2 nfs,nfsd
lockd 66728 2 nfs,nfsd
sunrpc 147388 4 nfs,nfsd,nfs_acl,lockd

celina nfs # uname -a
Linux celina 2.6.14.4-K01_PIII_server #1 Thu Dec 22 14:48:26 JST 2005 i686 Celeron (Coppermine)
GenuineIntel GNU/Linux

celina nfs # gzcat /proc/config.gz |grep NFS |grep =
CONFIG_NFS_FS=m
CONFIG_NFS_V3=y
CONFIG_NFS_V3_ACL=y
CONFIG_NFSD=m
CONFIG_NFSD_V2_ACL=y
CONFIG_NFSD_V3=y
CONFIG_NFSD_V3_ACL=y
CONFIG_NFS_ACL_SUPPORT=m
CONFIG_NFS_COMMON=y

I have almost exactly the same setup on a few other machines and it works.

What am I missing here? This just drives me crazy...

Kalin.

--
|[ ~~~~~~~~~~~~~~~~~~~~~~ ]|
+-> http://ThinRope.net/ <-+
|[ ______________________ ]|


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs


2005-12-31 05:52:38

by Kalin KOZHUHAROV

[permalink] [raw]
Subject: Re: rpc.statd: open (/var/lib/nfs/state): Permission denied

Garrick Staples wrote:
> On Fri, Dec 30, 2005 at 08:06:20PM +0900, Kalin KOZHUHAROV alleged:
>
>>celina nfs # ls -ld /var/lib/nfs/{,state}
>>drwxr-xr-x 7 root root 304 Dec 30 18:42 /var/lib/nfs/
>>-rw------- 1 nobody root 6 Dec 30 18:50 /var/lib/nfs/state
>
>
> Have you checked the perms on /, /var, and /var/lib?
>
Ooops :-)
Thank you for pointing that! Now, this was the situation:

celina ~ # ll -d / /var /var/lib
d-wxr----t 21 root root 568 Dec 22 21:05 /
drwxr-xr-x 21 root root 584 Dec 26 15:49 /var
drwxr-xr-x 12 root root 304 Dec 30 17:59 /var/lib

Ouch... Who the .uc. chmod-ed /? Knowing it is probably me does not make me feel better.
Found another box with the same problem, so might have to investigate it.

Anyway, fixind that and creating/chmod-ing /var/lib/nfs/sm{,.bak} and now everything is fine!

celina ~ # ls -ld / /var /var/lib /var/lib/nfs /var/lib/nfs/{state,sm*}
drwxr-xr-x 21 root root 568 Dec 22 21:05 /
drwxr-xr-x 21 root root 584 Dec 26 15:49 /var
drwxr-xr-x 12 root root 304 Dec 31 14:38 /var/lib
drwxr-xr-x 7 root root 304 Dec 31 14:41 /var/lib/nfs
drwxr-xr-x 2 nobody root 48 Dec 30 20:25 /var/lib/nfs/sm
drwxr-xr-x 2 nobody root 48 Dec 30 20:25 /var/lib/nfs/sm.bak
-rw------- 1 nobody root 4 Dec 31 14:41 /var/lib/nfs/state

Will have to drink less coffee, I guess :-)

Happy hollidays to all!

Kalin.
--
|[ ~~~~~~~~~~~~~~~~~~~~~~ ]|
+-> http://ThinRope.net/ <-+
|[ ______________________ ]|



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs