Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.uwa.edu.au!classic.iinet.com.au!swing.iinet.net.au!news.uoregon.edu!europa.chnt.gtegsc.com!news.msfc.nasa.gov!bcm.tmc.edu!cs.utexas.edu!news.sprintlink.net!tank.news.pipex.net!pipex!usenet.eel.ufl.edu!usenet.cis.ufl.edu!usenet.ufl.edu!jfh
From: jfh@cis.ufl.edu (James F. Hranicky)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Hopefully better netgroup questions
Date: 1 Nov 1995 20:00:19 GMT
Organization: University of Florida, Computer Science Department
Lines: 183
Distribution: world
Message-ID: <478jkj$8su@no-names.nerdc.ufl.edu>
References: <473l3n$1f0@no-names.nerdc.ufl.edu> <475s5p$3p3@sol.ctr.columbia.edu>
NNTP-Posting-Host: aviator.cis.ufl.edu
Originator: jfh@aviator.cis.ufl.edu
In article <475s5p$3p3@sol.ctr.columbia.edu>, wpaul@ctr.columbia.edu (Bill Paul) writes:
> Daring to challenge the will of the almighty Leviam00se, James F. Hranicky
Almighty? I never knew :-> Blessed art o thouest who isst answering
myeth questionethsesess...a m00se once bit my sister, BTW
> (jfh@cis.ufl.edu) had the courage to say:
> : Howdy,
>
> : I have the following line in my /etc/exports file:
>
> : /mydir -maproot=nobody cismach
>
> : cismach is the netgroup I'm trying to export to, but when I
> : start or hup mountd I get:
>
> : Oct 30 18:45:24 bounce-bsd mountd[20565]: Gethostbyname failed
> _Please_ don't tell me you didn't just let this error message go
> by without even _trying_ to investigate it. Go on, think about it
Alas, I posted to hastily. My apologies. A couple more questions, however,
and hopefully they are good ones...
1) How do you go about exporting an fs as root to a host who is in
a netgroup you also wish to export to, e.g., under SunOS, you would
put the following in the exports file:
/mydir -access=mynetg,root=trustedhost
I can export to the host and then the network + netmask, but we currently
have about 12 of them here right now...I'd rather not...I get the
"Can't change attributes" error below when I try to export to a host
twice with two differnent options (which makes perfect sense).
2) It seems there may be a problem with multihomed hosts...here
is hopefully a good synopsis:
The problem: given a multi-homed host, when this host is referenced with
two different hostnames in the same netgroup, the following error
is generated (this seems to occur regardless of the actual:
Nov 1 11:23:55 bounce-bsd mountd[2847]: Can't change attributes for /mydir.
Nov 1 11:23:55 bounce-bsd mountd[2847]: Bad exports list line /mydir -maproot
Nov 1 11:23:55 bounce-bsd mountd[2847]: Bad exports list line /mydir -maproot
And the corresponding error from the mountd source code:
line 1572: while (mount(fsb->f_type, dirp,
fsb->f_flags | MNT_UPDATE, (caddr_t)&args) < 0) {
if (cp)
*cp-- = savedc;
else
cp = dirp + dirplen - 1;
*** error **** if (errno == EPERM) {
syslog(LOG_ERR,
"Can't change attributes for %s.\n", dirp);
return (1);
}
if (opt_flags & OP_ALLDIRS) {
syslog(LOG_ERR, "Could not remount %s: %m",
dirp);
return (1);
}
/* back up over the last component */
while (*cp == '/' && cp > dirp)
cp--;
while (*(cp - 1) != '/' && cp > dirp)
cp--;
if (cp == dirp) {
if (debug)
fprintf(stderr,"mnt unsucc\n");
syslog(LOG_ERR, "Can't export %s", dirp);
return (1);
}
savedc = *cp;
*cp = '\0';
}
This appears to be an EPERM, which from the mount(2) man page means that
the above mount request is not being made as root:
[EPERM] The caller is not the super-user.
Is this intentional? I checked putting a non-mulithomed host and it's
alias (cname-record name) in the same netgroup, and the problem does
not recur, however the problem shows up with a multi-homed host. Even if
this is not supported, this seems like the wrong error to generate.
We don't use cnames in the netgroup map, but since we like to explicitly
name interfaces here, we have two A records for some hosts (see examples
below). Is the answer simply not to have two names which resolve to
one IP address for multi-homed hosts?
Just wondering about this. For the brave of heart, there are detailed
examples below.
-----------------------------------
Here are some examples of netgroup lines that fail. First is the entry
for sand from DNS (we explicitly name interfaces for convenience):
sand in a 128.227.100.198
sand-le1 in a 128.227.100.198
sand-le0 in a 128.227.224.20
ftp in cname sand-le1
Here are some sample groups and their results:
1> Identical names in two groups.
group1 (sand,-,cis.ufl.edu) (sand.cis.ufl.edu,-,cis.ufl.edu)
group2 (sand,-,cis.ufl.edu) (sand.cis.ufl.edu,-,cis.ufl.edu)
group group1 group2
Exports line:
/dir -maproot=nobody group
Result of mountd -HUP:
This works fine.
2> Cname in two groups (we don't acually do this, but...)
group1 (sand,-,cis.ufl.edu) (sand.cis.ufl.edu,-,cis.ufl.edu)
group2 (ftp,-,cis.ufl.edu) (ftp.cis.ufl.edu,-,cis.ufl.edu)
group group1 group2
Exports line:
/dir -maproot=nobody group
Result of mountd -HUP:
The error noted above.
3> Two A records for the same IP (we do this here):
group1 (sand,-,cis.ufl.edu) (sand.cis.ufl.edu,-,cis.ufl.edu)
group2 (sand-le1,-,cis.ufl.edu) (sand-le1.cis.ufl.edu,-,cis.ufl.edu)
group group1 group2
Exports line:
/dir -maproot=nobody group
Result of mountd -HUP:
The error noted above.
What the problem isn't -- two hosts, one of which is
a CNAME record for the other:
group (tick,-,cis.ufl.edu) (tick.cis.ufl.edu,-,cis.ufl.edu) \
(sybase,-,cis.ufl.edu) (sybase.cis.ufl.edu,-,cis.ufl.edu)
And the exports file reads:
/dir maproot=nobody group
After hupping mountd, showmount -e comes back with tick being exported,
so, no problem here. Therefore, since the cname works with a non-multi-
homed host, but not a multi-homed host, I gather the problem lies with
multi-homed hosts.
Thanks to anyone who takes the time to read through all this
junk. Sorry again for the previous lousy post.
-------------------------------------------------------------------------------
| Jim Hranicky, Systems Administrator |
| Computer & Information Sciences & Engineering Department, Univ of Florida |
| E314E CSE Building jfh@cis.ufl.edu Phone (904) 392-1057 |
| http://www.cis.ufl.edu/~jfh |
-------------------------------------------------------------------------------