I tried to make a simple nfs server on a redhat el 5.4 that uses /etc/hosts.allow and /etc/hosts.deny
I have the following nfs setup:
server
into /etc/hosts
10.0.0.2 client
10.0.0.1 server
into /etc/exports
/home/nfs-server client(rw,no_root_squash)
into /etc/hosts.deny
# wildcard that denies all
ALL:ALL
into /etc/hosts.allow
mountd: 10.0.0.2
statd: 10.0.0.2
portmap: 10.0.0.2
rquotad: 10.0.0.2
I start the portmap (service portmap start) on both machines and try to mount the server from client ... by my surprise there is no luck && try to do a rpcinfo -p - it failed with - No remote programs registered
Looking into the server logs I can see
portmap[3058]: connect from x.x.x.x to getport(nfs): request from unauthorized host
portmap[3061]: connect from x.x.x.x to dump(): request from unauthorized host
Doing different searches on the subject I came accross a bug redhat has on their site
https://bugzilla.redhat.com/show_bug.cgi?id=465412
So ... the solution seems to be the following - you need to add the ip address of the client AND the client host name into /etc/hosts.allow - even though portmap has the tcp_wrappers / libwrap compiled static and doesn't read directly the files /etc/hosts.allow|deny.
This is what I added on the server /etc/hosts.allow
mountd: client
statd: client
portmap: client
rquotad: client
After this - happy NFS.
Subscribe to:
Post Comments (Atom)
2 comments:
thanks - that was exactly the problem.
Thanks for this post and my issue was resolved after applying your workaround!
Post a Comment