Bug 93083

Summary:	nfs reload fails to load information from ldap netgroups
Product:	Gentoo Linux	Reporter:	Nuno Sucena Almeida <slug>
Component:	[OLD] Server	Assignee:	Network Filesystems <net-fs>
Status:	RESOLVED WORKSFORME
Severity:	normal
Priority:	High
Version:	2005.0
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Nuno Sucena Almeida 2005-05-18 09:16:49 UTC

If I have setup a ldap netgroup system and use them with nfs, when I do a nfs "reload" it doesn't consult the ldap system, I need to do a "stop/start.".
I can confirm this with a "not exported" mount point error message:

rpc.mountd: refused mount request from XXXXXXXX for /home (/): not exported

and with the showmount -e command which doesn't show the exported mount point before I do the stop/start.

If I have a /etc/netgroup file with that netgroup entry it works fine.

my /etc/exports looks something like:
/home @vpn(secure,rw,mp,root_squash,sync)

and my /etc/nsswitch.conf
netgroup:   ldap [NOTFOUND=return] files




Portage 2.0.51.19 (default-linux/x86/2005.0, gcc-3.3.5-20050130, glibc-2.3.4.20041102-r1, 2.6.11-gentoo-r8 i686)
=================================================================
System uname: 2.6.11-gentoo-r8 i686 Pentium III (Coppermine)
Gentoo Base System version 1.4.16
Python:              dev-lang/python-2.3.5 [2.3.5 (#1, May  6 2005, 17:42:29)]
distcc 2.16 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
dev-lang/python:     2.3.5
sys-apps/sandbox:    [Not Present]
sys-devel/autoconf:  2.59-r6, 2.13
sys-devel/automake:  1.7.9-r1, 1.8.5-r3, 1.5, 1.4_p6, 1.6.3, 1.9.5
sys-devel/binutils:  2.15.92.0.2-r7
sys-devel/libtool:   1.5.16
virtual/os-headers:  2.6.8.1-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -pipe -march=pentium3 -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O3 -pipe -march=pentium3 -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox sfperms strict"
GENTOO_MIRRORS="http://mirror.datapipe.net/gentoo"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 X alsa apm arts atlas audiofile avi berkdb bitmap-fonts blas cdparanoia cdr crypt cups curl dga docdvd dvdread emacs emboss encode esd f77 fam fftw flac foomaticdb fortran gd gdbm gif ginac gphoto2 gpm gtk gtk2 hdf5 imagemagick imlib ipv6 jack java jpeg kde kerberos ldap libg++ libwww mad mikmod mmx motif mozilla mp3 mpeg mpi ncurses netcdf nls nptl nvidia ogg oggvorbis opengl oss pam pdflib perl plotutils png python qhull qt quicktime readline real samba sdl slang sndfile speex spell sse ssl svg svga tcltk tcpd tetex theora tiff truetype truetype-fonts type1-fonts v4l v4l2 vorbis wifi xine xinerama xml2 xmms xv xvid zlib userland_GNU kernel_linux elibc_glibc"
Unset:  ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY

Comment 1 SpanKY gentoo-dev

2005-05-18 20:55:27 UTC

so what you're saying is ...

you run `/etc/init.d/nfs start`
when you run `showmount -e`, it will show /home as exported
you run `/etc/init.d/nfs reload`
when you run `showmount -e`, /home no longer shows up
you run `/etc/init.d/nfs restart`
`showmount -e` once again shows /home as exported

correct ?

Comment 2 Nuno Sucena Almeida 2005-05-21 17:34:36 UTC

i start the nfs daemon (booting). i add some hosts to the ldap netgroup  
database. i do a nfs reload, and it doesn't pick up the new ones, i need to do  
a nfs restart. as a matter of fact, yesterday i had another error. some of the  
machines in the netgroup are allowed to mount and some others aren't, even with  
a restart. just to make sure that the ldap stuff was working, i've coded a  
simple c software that lists the machines, given a netgroup name:  
  
http://aeminium.org/slug/software/netgroup/  
  
(if you can't get there, i can email the code to you) 
 
which confirms that the ldap / nss_switch.conf are correct, giving the expected  
results. well, almost. for some reason if i'm using ldap, the function  
'setnetgrent' returns always 1 (any netgroup name exist). but returns 0 if i 
only have "files" in the nss_switch.conf (with the correspoding entries  
in /etc/netgroup ) and the netgroup doesn't exist. in any case, i can see the  
correct entries being displayed for the netgroup which should be enough for the  
nfs daemons.

Comment 3 SpanKY gentoo-dev

2005-05-21 17:46:54 UTC

thats because the reload option just re-runs exportfs, it doesnt do anything else

what command needs to be run to do what you expect ?

Comment 4 Nuno Sucena Almeida 2005-05-21 17:58:50 UTC

i need to stop the nfs ( /etc/init.d/nfs stop ) and restart it 
( /etc/init.d/nfs start) or the usual restart to get the new machines to be 
recongnized. but as i said, it's even more weird since some of the hosts in the 
vpn are allowed and some others aren't, although the netgroup is being 
correctly exported by ldap, which leads me to conclude that there's something 
wrong querying the ldap database. searching through the net i found some hints 
(very old, from 2001/2) saying that the nfs netgroup thing would only work with 
NIS exported maps. 
even with a complete reboot i get the same results.

Comment 5 SpanKY gentoo-dev

2005-05-21 18:09:02 UTC

the question was, what needs to be added to the init.d script for nfs reload to
work ?

otherwise i'm just inclined to remove the reload() option from the init script

Comment 6 SpanKY gentoo-dev

2005-10-08 13:27:52 UTC

get back to us with what actually needs to be done