Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[solved] sharing the root directory via NFSv4
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
musv
Advocate
Advocate


Joined: 01 Dec 2002
Posts: 3254
Location: de

PostPosted: Mon Feb 13, 2012 10:42 pm    Post subject: [solved] sharing the root directory via NFSv4 Reply with quote

Hi there.

For cross-compiling reasons I try to export the root directory via NFS, but I can't get it working.

Server
/etc/exports:
/export             192.168.109.0/24(rw,fsid=0,insecure,no_subtree_check,async)
/export/root            faultier(rw,nohide,insecure,no_subtree_check,async,no_root_squash)


mount:
/ on /export/root type none (rw,bind)


Client
/etc/fstab:
miniding:/root                  /mnt/miniding           nfs4    noauto,rw,intr,noatime,nodiratime,hard,rsize=32768,wsize=32768  0 0


When I try to mount the directory, nothing happens. After a long while I get I timeout:
Code:
mount.nfs4: connection timeout


It worked before in NFSv3 without the virtual nfs root folder in /etc/exports. For any other directories the NFS export works, even if the directories are only accessable as root. What did I forget?


Last edited by musv on Sat Feb 18, 2012 8:45 pm; edited 1 time in total
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Thu Feb 16, 2012 1:26 am    Post subject: Reply with quote

Is faultier within 123.168.109.0/24?

Is there anything logged on either the client or server machine?
Back to top
View user's profile Send private message
musv
Advocate
Advocate


Joined: 01 Dec 2002
Posts: 3254
Location: de

PostPosted: Thu Feb 16, 2012 5:22 pm    Post subject: Reply with quote

genterminl wrote:
Is faultier within 123.168.109.0/24?

192.168.109.0/24
But yes, it is. ssh, ping, other shared devices work. If I only mount the virtual root (/export) I can see /export/root, but the directory is empty then.

genterminl wrote:
Is there anything logged on either the client or server machine?

No, nothing. Neither on the server nor on the client side.


Last edited by musv on Fri Feb 17, 2012 7:53 pm; edited 1 time in total
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Thu Feb 16, 2012 8:20 pm    Post subject: Reply with quote

I'm trying to replicate your situation - but my mount is giving me a series of Stale NFS File Handle errors.

Have you tried the mount command with -v? It might spit out something useful.

Also - just to be compulsive, do you have idmapd running on both machines, with the domain set to the same value?
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Fri Feb 17, 2012 7:19 pm    Post subject: Reply with quote

No answer, but more information. In my case, on the server, /var/lib/nfs/rmtab has an entry for my client, even though I never successfully performed the mount. I know this file does not necessarily reflect what the kernel actually thinks is shared out, but I do wonder if it means the share is in some funny state that does interfere with a mount request. I'm going to try manually removing that line the next time I reboot the server to see if it makes any difference.

You might also look in /var/lib/nfs on the nfs server to see if anything looks odd there, although I'm not sure I know what stuff SHOULD look like.
Back to top
View user's profile Send private message
musv
Advocate
Advocate


Joined: 01 Dec 2002
Posts: 3254
Location: de

PostPosted: Sat Feb 18, 2012 12:17 pm    Post subject: Reply with quote

Ok, with -v I get the same errors:

Code:
mount.nfs4: timeout set for Sat Feb 18 13:11:23 2012
mount.nfs4: trying text-based options 'intr,hard,rsize=32768,wsize=32768,addr=192.168.109.20,clientaddr=192.168.109.21'
mount.nfs4: mount(2): Stale NFS file handle
mount.nfs4: trying text-based options 'intr,hard,rsize=32768,wsize=32768,addr=192.168.109.20,clientaddr=192.168.109.21'
mount.nfs4: mount(2): Stale NFS file handle
mount.nfs4: trying text-based options 'intr,hard,rsize=32768,wsize=32768,addr=192.168.109.20,clientaddr=192.168.109.21'
mount.nfs4: mount(2): Stale NFS file handle
mount.nfs4: trying text-based options 'intr,hard,rsize=32768,wsize=32768,addr=192.168.109.20,clientaddr=192.168.109.21'
mount.nfs4: mount(2): Stale NFS file handle
mount.nfs4: trying text-based options 'intr,hard,rsize=32768,wsize=32768,addr=192.168.109.20,clientaddr=192.168.109.21'
mount.nfs4: mount(2): Stale NFS file handle


idmapd is started, but it isn't configured, so it should be something like localdomain or none by default.

/var/lib/nfs/rmtab gives me the exported directories, but doesn't change if a client mounted any directory. Thanks so far for you investigations. I'll keep searching.
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Sat Feb 18, 2012 1:40 pm    Post subject: Reply with quote

There are lots of posts that say that the domain for idmapd must be the same on both machines. It doesn't seem to matter what it actually is, but you may as well set it to whatever you actually use. I have it set to "home" However - I'm not sure it is important until the share is actually mounted and you go to use it.

My concern about /var/lib/nfs is that rmtab should only have whatever directories are (or have been) actually mounted by a remote client. etab should list all the exported directories. I've seen some comments (man page?) that rmtab is not necessarily reliable, but that's my current focus.
Back to top
View user's profile Send private message
musv
Advocate
Advocate


Joined: 01 Dec 2002
Posts: 3254
Location: de

PostPosted: Sat Feb 18, 2012 4:04 pm    Post subject: Reply with quote

I specified a local domain in /etc/idmapd.conf and restarted the nfs daemon bundle. But the "stale nfs file handle" error continues.
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sat Feb 18, 2012 4:53 pm    Post subject: Reply with quote

idmap problems will usually cause problems with ownership, but you should be able to mount.

can you mount the root partition on a different machine on the same subnet or if you boot your host with a cd or memory stick (if that is possible)?
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sat Feb 18, 2012 4:59 pm    Post subject: Reply with quote

I don't know why, but my diskless clients mounts the root with nfs version 2. The "mount" command returns:

Code:

...
on / type nfs (rw,relatime,vers=2,rsize=4096,wsize=4096,namlen=255,hard,nolock,proto=udp,timeo=11,retrans=3,sec=sys,mountaddr=172.30.30.1,mountvers=1,mountproto=udp,local_lock=all,addr=
...
 type nfs (ro,vers=4,addr=172.30.30.1,clientaddr=172.30.30.132)


The second line is a mount from the same server, but not the root filesystem

EDIT: the root mount is taken care of by the kernel, but I don't know why it's using version 2. Here's from the kernel command line

Code:
root=/dev/nfs nfsroot=172.30.30.1:/diskless/clients/clientname


The client /etc/fstab is using only default values


Last edited by pgu on Sat Feb 18, 2012 5:09 pm; edited 1 time in total
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sat Feb 18, 2012 5:06 pm    Post subject: Reply with quote

Here's from my /etc/exports on the server side:

Code:
/diskless 172.30.30.0/24(rw,async,no_subtree_check,no_root_squash)
Back to top
View user's profile Send private message
musv
Advocate
Advocate


Joined: 01 Dec 2002
Posts: 3254
Location: de

PostPosted: Sat Feb 18, 2012 5:35 pm    Post subject: Reply with quote

pgu wrote:
can you mount the root partition on a different machine on the same subnet or if you boot your host with a cd or memory stick (if that is possible)?


No, I can't. I guess the problem is just related to the root directory. Maybe nfs has a problem to export a directory where the nfs root is part of ( / -> export -> root-mount point -> export).

It can't also be the fact of the root ownership. I exported and mounted successfully the distfiles directory with write access from the same machine.

Another thing. If I export the root folder via:
Code:
/             192.168.109.0/24(rw,fsid=0,insecure,no_subtree_check,no_root_squash,async)

Then I can mount the root directory and have write access too. But I guess that's not the sense of nfs4.
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Sat Feb 18, 2012 5:43 pm    Post subject: Reply with quote

pgu - that's why you are getting nfs2. I don't know why you don't get nfs3, but you definitely will not get nfs4 that way.

The export setup for nfs3 and nfs4 are very different. For pre-4 you can export any directory. For nfs4 you need to bind mount the directory to under /exports and then export /export and /export/whatever.

I do think there are issues with the same directory appearing in multiple places under /exports, but I also think that the no_subtree_check should take care of that. However, a reread of the man page on that topic might prove useful.
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Sat Feb 18, 2012 7:19 pm    Post subject: Reply with quote

Bingo! In the /etc/exports file, try explicitly specifying fsid= for each export. It has to be 0 for /exports itself, then just use a different number for each other export. I'm not sure why my other exports worked fine wihthout fsid specified, since they were not actually complete file systems, and so do not have uuids, but it now seems to work.
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sat Feb 18, 2012 7:20 pm    Post subject: Reply with quote

Thank you for the explanation genterminl. It makes sense. musv you might be able to split the your export in two, e.g. /export/root, /export/other and see if it makes a difference.
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Sat Feb 18, 2012 7:24 pm    Post subject: Reply with quote

No need to split the export. (How would you split / anyway?) Just specify fsid=0 for /export and fsid=1 for /export/root.
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sat Feb 18, 2012 7:31 pm    Post subject: Reply with quote

genterminl wrote:
(How would you split / anyway?)


I thought he was exporting /export and /export/root on the server, but mounting either of them on / on some client (probably /export/root)
Back to top
View user's profile Send private message
musv
Advocate
Advocate


Joined: 01 Dec 2002
Posts: 3254
Location: de

PostPosted: Sat Feb 18, 2012 8:43 pm    Post subject: Reply with quote

genterminl wrote:
No need to split the export. (How would you split / anyway?) Just specify fsid=0 for /export and fsid=1 for /export/root.

That's it. :D

I've studied the manpage quite several times. But either I'm to stupid to understand or there's some space for improvement:
Manpage wrote:
fsid=num|root|uuid
NFS needs to be able to identify each filesystem that it exports. Normally it will use a UUID for the filesystem (if the filesystem has such a thing) or the device number of the device holding the filesystem (if the filesystem is stored on the device).

As not all filesystems are stored on devices, and not all filesystems have UUIDs, it is sometimes necessary to explicitly tell NFS how to identify a filesystem. This is done with the fsid= option.

For NFSv4, there is a distinguished filesystem which is the root of all exported filesystem. This is specified with fsid=root or fsid=0 both of which mean exactly the same thing.

Other filesystems can be identified with a small integer, or a UUID which should contain 32 hex digits and arbitrary punctuation.

Ok, the last sentence could mean, what we were looking for.

My final configuration:
Server:
/etc/exports:
 # /etc/exports: NFS file systems being exported.  See exports(5).

/export             192.168.109.0/24(rw,fsid=0,insecure,no_subtree_check,async)
# /
/export/root        192.168.109.0/24(rw,fsid=1,nohide,insecure,no_subtree_check,async,no_root_squash)
# /home/blubb
/export/home_blubb     192.168.109.0/24(rw,nohide,insecure,no_subtree_check,async,all_squash,anonuid=1000,anongid=100)


Client:
/etc/fstab:
miniding:/root                  /mnt/miniding           nfs4    noauto,rw,intr,noatime,nodiratime,hard,rsize=32768,wsize=32768  0 0
miniding:/home_blubb               /home/blah/miniding       nfs4    noauto,users,rw,intr,noatime,nodiratime,hard,rsize=32768,wsize=32768    0 0


It works! 8)

*) blubb and blah is the German version for foo bar com.
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Sat Feb 18, 2012 8:43 pm    Post subject: Reply with quote

I don't think you ever mount /export, although it might be an interesting test. The existence of /export on the server and including it in /exports is a requirement of nfs4. The filesystems you actually want to export get mounted as type bind under /exports, so musv did a bind mount of / to /exports/root, listed /exports and /exports/root in /etc/exports, and then mounted /root from the client. In nfs4 the /exports is implicit so it doesn't get mentioned in the mount request.
Back to top
View user's profile Send private message
genterminl
Guru
Guru


Joined: 12 Feb 2005
Posts: 488
Location: Connecticut, USA

PostPosted: Sat Feb 18, 2012 8:50 pm    Post subject: Reply with quote

musv - You found, as I did, that you apparently need an fsid for /exports/root, but not for other entries. I wonder if that is because in some sense, /export/root when you substitute / for /root looks the same as plain /exports, so you need to explicitly distinguish them. /exports/blah will never be confused for /exports so there isn't a problem.

I agree with you that the man page for nfs could use some attention.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum