Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-6439

NFS should not reject NFS requests to the NULL procedure whether port monitoring is enabled or not

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.5.0
    • 2.5.0
    • nfs
    • None
    • Reviewed

    Description

      As discussed in HDFS-6406, this JIRA is to track the follow update:

      1. Port monitoring is the feature name with traditional NFS server and we may want to make the config property (along with related variable allowInsecurePorts) something as dfs.nfs.port.monitoring.

      2 . According to RFC2623 (http://www.rfc-editor.org/rfc/rfc2623.txt):

      Whether port monitoring is enabled or not, NFS servers SHOULD NOT reject NFS requests to the NULL procedure (procedure number 0). See subsection 2.3.1, "NULL procedure" for a complete explanation.

      I do notice that NFS clients (most time) send mount NULL and nfs NULL from non-privileged port. If we deny NULL call in mountd or nfs server, the client can't mount the export even as user root.

      3. it would be nice to have the user guide updated for the port monitoring feature.

      Attachments

        1. mount-nfs-requests.pcapng
          399 kB
          Brandon Li
        2. linux-nfs-disallow-request-from-nonsecure-port.pcapng
          83 kB
          Brandon Li
        3. HDFS-6439.patch
          6 kB
          Aaron Myers
        4. HDFS-6439.patch
          10 kB
          Aaron Myers
        5. HDFS-6439.005.patch
          60 kB
          Brandon Li
        6. HDFS-6439.004.patch
          60 kB
          Brandon Li
        7. HDFS-6439.003.patch
          59 kB
          Brandon Li

        Issue Links

          Activity

            People

              atm Aaron Myers
              brandonli Brandon Li
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: