FS#39217 - [nfs-util] 0.2.4-1 causes segfault in rpc.gssd/libgssapi_krb5.so when mounting kerberized NFS4 share
Attached to Project:
Arch Linux
Opened by Mike Sager (g4c) - Friday, 07 March 2014, 18:38 GMT
Last edited by Tobias Powalowski (tpowa) - Tuesday, 09 September 2014, 13:17 GMT
Opened by Mike Sager (g4c) - Friday, 07 March 2014, 18:38 GMT
Last edited by Tobias Powalowski (tpowa) - Tuesday, 09 September 2014, 13:17 GMT
|
Details
Description:
After upgrading from libtirpc-0.2.3-2 package to 0.2.4-1, rpc.gssd segfaults in libgssapi_krb5.so.2.2 when trying to mount a kerberized NFS4 share. Mount hangs & fails as a result. Downgrading to 0.2.3-2 fixes the problem. Additional info: * libtirpc-0.2.4-1 * krb-1.12.1-1 (libgssapi_krb5.so.2.2) * nfs-utils 1.2.9-5 (rpc.gssd) Steps to reproduce: Upgrade to libtirpc-0.2.4-1 |
This task depends upon
Closed by Tobias Powalowski (tpowa)
Tuesday, 09 September 2014, 13:17 GMT
Reason for closing: Fixed
Additional comments about closing: nfs-utils-1.3.0-4
Tuesday, 09 September 2014, 13:17 GMT
Reason for closing: Fixed
Additional comments about closing: nfs-utils-1.3.0-4
libtirpc (0.2.4-1 -> 0.2.3-2) on x86_64
However, rpc.gssd & rpc.svgssd, regardless which version, throw more errors:
rpc.svcgssd[22905]: ERROR: GSS-API: error in gss_free_lucid_sec_context(): GSS_S_NO_CONTEXT (No context has been established) - Unknown error
rpc.svcgssd[22905]: WARN: failed to free lucid sec context
Own Bug?
rpc.gssd[1273]: WARNING: forked child was killed with signal 97
happens every time now when trying to mount a krb share.
1) start rpc-gssd on the client
2) try to mount a *none kerberized* share: rpc.gssd[1109]: segfault at b71a4148 ip b7507c20 sp bfba84b4 error 4 in libc-2.19.so[b748b000+1a7000]
3) try again without restarting rpc-gssd: rpc.gssd[1156]: segfault at 3e ip b741205f sp bf9a1110 error 4 in libgssapi_krb5.so.2.2[b7401000+46000]
4) stopping rpc-gssd will allow to mount the *none kerberized* share
Versions (client (i686) & server (x64)):
core/nfs-utils 1.2.9-5
core/krb5 1.12.1-1
core/libtirpc 0.2.4-1
core/librpcsecgss 0.19-8
core/libgssglue 0.4-2
core/rpcbind 0.2.1-2
core/glibc 2.19-3
core/linux 3.13.8-1
So it looks like nfsv4 is broken if rpc-gssd is running, regardless of kerberized shares.
To keep mounting Kerberized NFS I need:
- libtirpc 0.2.3-2
- nfs-utils 1.2.9-5
- rpcbind 0.2.1-2
With those 3 downgrades, I'm back in business (for now).
Edit: I can confirm that updating the server to nfs-utils 1.3.0-2 and rpcbind 0.2.1-5 causes issues for kerberized NFS clients with nfs-utils 1.3.0-2, rpcbind 0.2.1-5, and libtirpc 0.2.3-2.
They fixed their segfault by building nfs-utils and libtirpc without --with-gssglue.
Hopefully, this will spurn some progress on this dusty old bug. :)
Thanks
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -16 +16 @@ backup=(etc/{exports,idmapd.conf,nfsmount.conf} etc/conf.d/{nfs-common.conf,nfs-
-depends=('glibc' 'e2fsprogs' 'rpcbind' 'libtirpc>=0.2.1' 'librpcsecgss>=0.19-2' 'nfsidmap' 'libevent>=2.0.10' 'libgssglue' 'device-mapper')
+depends=('glibc' 'e2fsprogs' 'rpcbind' 'libtirpc>=0.2.1' 'librpcsecgss>=0.19-2' 'nfsidmap' 'libevent>=2.0.10' 'device-mapper')
@@ -54 +53,0 @@ build() {
- --with-gssglue \