Trying to debug nfs install issue, increase verbosity of nfs server?
yersinia
yersinia.spiros at gmail.com
Mon Jan 19 15:28:41 UTC 2009
On Mon, Jan 19, 2009 at 4:06 PM, Patrice Dumas <pertusus at free.fr> wrote:
> On Mon, Jan 19, 2009 at 09:08:11AM -0500, Steve Dickson wrote:
>
> > The discussion about the fact mountd (statd) no longer accept connections
> from
> > unknown IP address (similar to other system daemon) due to a "fix" in the
> tcp
> > wrapper code is at:
>
> This is not a change in tcp_wrapper, but in nfs-utils. And as far as I
> can tell this is not already upstream, so this looks like (but I may
> be wrong) a fedora specific change in mountd.
>
> I think that it is a very questionable change. Maybe it makes sense
> for NFSv4 (but is mountd involved in NFSv4?), but for NFSv3, it
> doesn't make sense to me, since there is no security at all in any
> case.
>
> I may very well be missing something, though.
>
In fact the control is in mountd. In nfs-utils-1.1.4-6 in FC10
./utils/mountd/auth.c call
auth_authenticate which call client_resolve that do the check
forward/reverse lookup via the
call to get_reliable_hostbyaddr in ./support/export/hostname.c. And this is
in the upstream release.
Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20090119/74e8a355/attachment.htm>
More information about the fedora-devel-list
mailing list