autofs from non-Fedora to Fedora 16

Discussion in 'Linux Networking' started by Kevin the Drummer, Apr 12, 2012.

  1. I have a Mandriva 2010.2 system which can NFS mount all of my
    other Mandriva systems using autofs to do that. From a command
    line all I need do is, for instance

    ls /net/machine1/home/

    to list the contents of /home on the host machine1. On my Fedora 16
    system I can run

    ls /net/f16machine/home

    and get a listing of /home on the F16 system itself. I believe
    that NFS is working because I can run

    sudo mount -t nfs f16machine:/home /mnt/F16mount

    on a Mandriva machine and then list the contents of /mnt/F16mount
    which will show the contents of /home on f16machine.

    I can get autofs on the f16machine to negotiate the NFS mount to
    my Mandriva machines just fine.

    But, when I try to get autofs to negotiate the NFS mount from a
    Mandriva machine to the f16machine, then

    ls /net/f16machine/home

    just times out, and I get a "No such file or directory" error
    message on command line. At that time I also get

    Apr 11 23:41:58 e129939 automount[19018]: \
    lookup_mount: exports lookup failed for f16machine
    Apr 11 23:41:58 e129939 automount[19018]: \
    update_negative_cache: key "f16machine" not found in map.

    in /var/log/messages on the host where I ran the 'ls' command.

    Any ideas where/what I should troubleshoot next?

    Thanks....
     
    Kevin the Drummer, Apr 12, 2012
    #1
    1. Advertisements

  2. Kevin the Drummer

    J G Miller Guest

    nfs v3 or nfs v4?

    In order for nfs v4 to work properly with id mapping you need
    different daemons running than for nfs v4, and sometime need
    to add an entry to the fstab to get a virtual filesystem
    mounted for nfs v4.

    So without you indicating which version you are trying to
    use and which is available from each machine ...
     
    J G Miller, Apr 12, 2012
    #2
    1. Advertisements

  3. I suspect that my Fedora system is running NFS v4. I suspect
    that my Mandriva systems are running NFS v3. How can I tell for
    sure?
    Interesting. I think what you're saying is that autofs makes use
    of id mapping, whereas using the 'mount' command with an explicit
    host name to be mounted doesn't. That could explain why 'mount'
    works for me, while autofs doesn't.

    Where should I look for documentation specific to the NFS version
    issue surrounding v4 and id mapping?

    Is there some compelling reason why I should run v4 instead of
    v3? If not, then is there a way to force Fedora 16 to run v3?
    I'm presuming here that if I could get everything to run v3, that
    this would be easier.

    Thanks!
     
    Kevin the Drummer, Apr 12, 2012
    #3
  4. Kevin the Drummer

    J G Miller Guest

    Possibly by the names or contents of the packages installed.

    Because v4 is actually nicer than v3 if you want to better organise
    your exports and because v4 also supports tcp.

    For v3 you need rpc.statd running, for v4 you need rpc.idmapd running instead,
    as well as rpc_pipefs mounted on /var/lib/nfs/rpc_pipefs with type rpc_pipefs

    The format of the exports file for v4 is different and follows a hierarchy

    You create a top mount point and export that, eg

    /mnt/export *.yourdomain(fsid=0,insecure,no_root_squash,no_subtree_check,ro,sync)

    and then export directories under that, eg

    /mnt/export/usr/local *.yourdomain(insecure,nohide,no_root_squash,no_subtree_check,ro,sync)

    Note that these are for read only exports. Obviously you can create more hierarchies
    with fsid=1, fsid=2 etc.

    And if you need the security, nfs v4 has support for kerberos.

    I have nfsv4 exports set up and use autofs with a custom script inspired
    from the autofs auto.net script to do nfs v4 tcp mounting under
    /mnt/net/hostname/ with the /mnt/export of the exported share chopped off.


    #! /bin/sh

    #*****************************************************************************#
    #|
    #| file : /etc/autofs/auto.export
    #|
    #*---------------------------------------------------------------------------*#

    OPTIONS="-fstype=nfs4,port=2049,proto=tcp"

    SHOWMOUNT_FLAGS="--no-headers"

    #*---------------------------------------------------------------------------*#

    nfs_server="${1}"

    #*---------------------------------------------------------------------------*#

    showmount=""

    for dir in /bin /sbin /usr/bin /usr/sbin
    do

    for executable in showmount kshowmount
    do

    file="${dir}/${executable}"

    if [ -x "${file}" ]
    then
    showmount="${file}"
    break
    fi

    done

    done

    test -x "${showmount}" || exit 1

    showmount="${showmount} ${SHOWMOUNT_FLAGS} -e ${nfs_server}"

    #*---------------------------------------------------------------------------*#

    ${showmount} | \
    grep '^/mnt/export' | \
    grep -v '^/mnt/export[ ]' | \
    LC_ALL=C cut -d' ' -f1 | \
    LC_ALL=C sort -u | \
    awk -v nfs_server="${nfs_server}" -v OPTIONS="${OPTIONS}" -- '
    BEGIN {
    ORS=""
    first=1
    }
    {
    if (first)
    {
    first=0
    print OPTIONS
    }
    print " \\\n\t" $1, nfs_server ":" $1
    }
    END {
    if (!first)
    {
    print "\n";
    }
    else
    {
    exit 1
    }
    } ' | \
    sed -e 's|/mnt/export/|/|g' -e 's|#|\\#|g'

    #*---------------------------------------------------------------------------*#

    exit 0

    #*****************************************************************************#


    There are plenty of tutorials on how to setup nfs v4

    <http://www.vanemery.COM/Linux/NFSv4/NFSv4-no-rpcsec.html>

    <http://www.novell.COM/coolsolutions/feature/17581.html>

    <http://metavo.metacentrum.CZ/en/docs/storage/nfsv4/index.html>

    <http://forums.gentoo.ORG/viewtopic-t-748472.html>
     
    J G Miller, Apr 12, 2012
    #4
  5. That was one thing I checked. Names don't infer much to me.

    Mandriva 2010.2:
    nfs-utils-1.2.2-5.1mdv2010.2
    nfs-utils-clients-1.2.2-5.1mdv2010.2

    Fedora 16:
    nfs-utils-1.2.5-5.fc16.x86_64

    Maybe having the nfs-utils files have the same major version
    number should be a clue to me that either system could run v4?

    I made some progress on the idmap issue. On the Mandriva machine
    I needed to specify "Domain = myactualdomain.com". Fedora seems
    to default OK with that commented out in the idmap.conf file.
    Now when I 'sudo mount -t nfs f16machine:/home f16mountdir' and
    'ls -l f16mountdir' I get the right user and group names, given
    that the UIDs and GIDs match across all my systems.
    OK. I agree that the exports are a bit of sloppy bookkeeping.
    If my network were bigger then I'd have to write some sort of
    script to create /etc/exports from some rules, maybe.
    On the Mandriva machine:

    ps ax | grep rpc.statd
    22378 ? Ss 0:00 rpc.statd --port 4001
    On the Fedora machine:

    systemctl | grep idmap
    nfs-idmap.service loaded active running NFSv4 ID-name mapping daemon
    mount | grep pipe
    sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)

    I think that confirms that I'm running v3 on Mandriva and v4 on Fedora.
    That might be a source of a problem, given that I treated the
    /etc/exports file on the Fedora machine no differently than I do
    on my v3 machines.
    Very interesting. I'll have to dig through the doc's to better
    grok that.
    I'm not too worried about NFS security. The network in my house
    is all hardwired. When I go wireless with my laptop, then I use
    SSH to connect, and the wireless router only allows connections
    with the MAC addresses I've added to its table. It's probably
    good for me to start thinking ahead on this though.
    That first one looks excellent.
    You've been VERY helpful. I really appreciate it. THANKS!

    When I get this working, I'll "pay it forward" and post the solution.
     
    Kevin the Drummer, Apr 12, 2012
    #5
  6. After reading through all the docs you linked to, it looks like v4 *can*
    use a different format, but doesn't have to. To make things simple on
    myself I opted to not change this part yet.

    I'll spend some more time with your script. But....

    At this point all of the NFSv4 stuff seems to work fine, with the
    one annoying exception that autofs won't work. Manually mounting
    works completely. It's only autofs that's not working.

    I turned up the verbosity of my autofs logging to "debug" and I
    get this in /var/log/messages when I try to automount the Fedora
    16 machine from the Mandriva machine.

    Apr 12 18:40:21 mdvhost automount[17954]: \
    st_expire: state 1 path /net
    Apr 12 18:40:21 mdvhost automount[17954]: \
    expire_proc: exp_proc = 3062889328 path /net
    Apr 12 18:40:21 mdvhost automount[17954]: \
    expire_cleanup: got thid 3062889328 path /net stat 0
    Apr 12 18:40:21 mdvhost automount[17954]: \
    expire_cleanup: sigchld: exp 3062889328 finished, switching from 2 to 1
    Apr 12 18:40:21 mdvhost automount[17954]: \
    st_ready: st_ready(): state = 2 path /net
    Apr 12 18:40:34 mdvhost automount[17954]: \
    handle_packet: type = 3
    Apr 12 18:40:34 mdvhost automount[17954]: \
    handle_packet_missing_indirect: \
    token 1374, name f16machine, request pid 27782
    Apr 12 18:40:34 mdvhost automount[17954]: \
    attempting to mount entry /net/f16machine
    Apr 12 18:40:34 mdvhost automount[17954]: \
    lookup_mount: lookup(program): f16machine -> key is 'f16machine'
    Apr 12 18:40:34 mdvhost automount[17954]: \
    lookup_mount: lookup(program): looking up f16machine
    Apr 12 18:40:34 mdvhost automount[17954]: \Unable to receive: errno 113 (No route to host)
    Apr 12 18:40:34 mdvhost automount[17954]: \
    lookup(program): lookup for f16machine failed
    Apr 12 18:40:34 mdvhost automount[17954]: \
    dev_ioctl_send_fail: token = 1374
    Apr 12 18:40:34 mdvhost automount[17954]: \
    failed to mount /net/f16machine
    Apr 12 18:40:34 mdvhost automount[17954]: \
    handle_packet: type = 3
    Apr 12 18:40:34 mdvhost automount[17954]: \
    handle_packet_missing_indirect: token 1375, \
    name f16machine, request pid 27782
    Apr 12 18:40:34 mdvhost automount[17954]: \
    attempting to mount entry /net/f16machine
    Apr 12 18:40:34 mdvhost automount[17954]: \
    dev_ioctl_send_fail: token = 1375
    Apr 12 18:40:34 mdvhost automount[17954]: \
    failed to mount /net/f16machine
    Apr 12 18:41:36 mdvhost automount[17954]: st_expire: state 1 path /net
    Apr 12 18:41:36 mdvhost automount[17954]: \
    expire_proc: exp_proc = 3062889328 path /net
    Apr 12 18:41:36 mdvhost automount[17954]: \
    expire_cleanup: got thid 3062889328 path /net stat 0
    Apr 12 18:41:36 mdvhost automount[17954]: \
    expire_cleanup: sigchld: exp 3062889328 finished, switching from 2 to 1
    Apr 12 18:41:36 mdvhost automount[17954]: \
    st_ready: st_ready(): state = 2 path /net

    Given that my Fedora machine was just installed earlier this
    week, I don't have too much time into it. I might try the i686
    (or is it i386?) version, rather than the x86_64 version that's
    installed right now. There's a little controversy in some forums
    as to whether the 64 bit version was broken. I think the expert
    opinion was that it's fine. It's a long shot, but I'm stumped
    and don't know what else to do.

    Thanks....
     
    Kevin the Drummer, Apr 13, 2012
    #6
  7. Kevin the Drummer

    J G Miller Guest

    You are talking about autofs not working with NFSv4 mounts.

    How do you think that autofs mounts NFS mounts automagically?

    The answer is that it uses whatever you tell it to use in
    auto.master, eg in my case for NFSv4 mounts with my script

    /mnt/net /etc/autofs/auto.export --timeout 300

    So what you need to do is to see which script your automagic
    NFS mounts are using, probably the supplied auto.net script
    and debug that. That is the reason why I ended up writing
    my own script to ensure that the mounts were successful under
    /mnt/net/{%hostname}/{%path} rather than
    /mnt/net/{%hostname}/export/{%path} or whatever.

    You need to issue some smbmount commands manually and then
    see how the results from those are being processed by the
    supplied auto.net script.
     
    J G Miller, Apr 13, 2012
    #7
  8. The problem was on my firewall. The solution is to open ports
    111 and 20048 for both udp and tcp. Troubleshooting information
    below.

    Automounting to the Fedora 16 machine doesn't work yet.

    mandriva1> showmount --exports f16machine
    rpc mount export: RPC: Unable to receive; errno = No route to host

    mandriva1> rpcinfo -p f16machine
    rpcinfo: can't contact portmapper: RPC: Remote system error - No route to host

    Automounting between Mandriva machines has been working for a while.

    mandriva1> showmount --exports mandriva2
    Export list for mandriva2:
    /spare 192.168.1.0/24
    /projects 192.168.1.0/24
    /nobackup 192.168.1.0/24
    /music 192.168.1.0/24
    /media 192.168.1.0/24
    /home 192.168.1.0/24

    mandriva1> rpcinfo -p mandriva2
    program vers proto port
    100000 4 tcp 111 portmapper
    100000 3 tcp 111 portmapper
    100000 2 tcp 111 portmapper
    100000 4 udp 111 portmapper
    100000 3 udp 111 portmapper
    100000 2 udp 111 portmapper
    100024 1 udp 4001 status
    100024 1 tcp 4001 status
    100021 1 udp 4002 nlockmgr
    100021 3 udp 4002 nlockmgr
    100021 4 udp 4002 nlockmgr
    100021 1 tcp 4002 nlockmgr
    100021 3 tcp 4002 nlockmgr
    100021 4 tcp 4002 nlockmgr
    100003 2 tcp 2049 nfs
    100003 3 tcp 2049 nfs
    100003 4 tcp 2049 nfs
    100227 2 tcp 2049 nfs_acl
    100227 3 tcp 2049 nfs_acl
    100003 2 udp 2049 nfs
    100003 3 udp 2049 nfs
    100003 4 udp 2049 nfs
    100227 2 udp 2049 nfs_acl
    100227 3 udp 2049 nfs_acl
    100005 1 udp 33675 mountd
    100005 1 tcp 59528 mountd
    100005 2 udp 33675 mountd
    100005 2 tcp 59528 mountd
    100005 3 udp 33675 mountd
    100005 3 tcp 59528 mountd

    I opened port 111 for tcp and udp on the f16machine firewall. Then I got:

    mandriva1> rpcinfo -p f16machine
    program vers proto port
    100000 4 tcp 111 portmapper
    100000 3 tcp 111 portmapper
    100000 2 tcp 111 portmapper
    100000 4 udp 111 portmapper
    100000 3 udp 111 portmapper
    100000 2 udp 111 portmapper
    100011 1 udp 875 rquotad
    100011 2 udp 875 rquotad
    100011 1 tcp 875 rquotad
    100011 2 tcp 875 rquotad
    100024 1 udp 4001 status
    100024 1 tcp 4001 status
    100003 2 tcp 2049 nfs
    100003 3 tcp 2049 nfs
    100003 4 tcp 2049 nfs
    100227 2 tcp 2049 nfs_acl
    100227 3 tcp 2049 nfs_acl
    100003 2 udp 2049 nfs
    100003 3 udp 2049 nfs
    100003 4 udp 2049 nfs
    100227 2 udp 2049 nfs_acl
    100227 3 udp 2049 nfs_acl
    100021 1 udp 4002 nlockmgr
    100021 3 udp 4002 nlockmgr
    100021 4 udp 4002 nlockmgr
    100021 1 tcp 4002 nlockmgr
    100021 3 tcp 4002 nlockmgr
    100021 4 tcp 4002 nlockmgr
    100005 1 udp 20048 mountd
    100005 1 tcp 20048 mountd
    100005 2 udp 20048 mountd
    100005 2 tcp 20048 mountd
    100005 3 udp 20048 mountd
    100005 3 tcp 20048 mountd

    But, still I had no luck.

    mandriva1> showmount --exports f16machine
    rpc mount export: RPC: Unable to receive; errno = No route to host

    I tried opening all of the ports listed in rpcinfo on the
    firewall. That worked. Then I backed off to opening only ports
    111 and 20048, both for tcp and udp. Now I can see the mount
    points.

    mandriva1> showmount --exports f16machine
    Export list for f16machine:
    /projects 192.168.1.0/24
    /nobackup 192.168.1.0/24
    /music 192.168.1.0/24
    /home 192.168.1.0/24

    What's better is that I can mount the mount points!

    Ahhh, nice. I hope this helps someone else!

    Cheers.
     
    Kevin the Drummer, Apr 15, 2012
    #8
  9. Kevin the Drummer

    J G Miller Guest

    But which firewall? The one on Fedora machine, the one
    on the Mageia machine, or the machine doing the routing
    if not a consumer home router?
    That was why I suggested you first use showmount on the remote
    machine to ensure that you could actually see the exports.

    Your next task should be to get it all working with just nfs v4 ;)
     
    J G Miller, Apr 15, 2012
    #9
  10. It was the firewall on the Fedora (server) machine. I didn't
    have to touch any of the client firewalls. The two machines are
    connected via a switch. My router is on the other side of the
    switch from the machines.
    I might just try that when I upgrade a 2nd machine to Fedora 16.

    Thanks....
     
    Kevin the Drummer, Apr 17, 2012
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.