I’ve a Opensuse 11.1 (i know, i must upgrade it) server for some ubuntu clients.
Clients are autenticated by nis and mount the directory with automount by nfs. All was working fine but after an update i have an error:
Nov 27 02:01:00 tutatis kernel: svc: 192.168.2.60, port=884: unknown version (4 for prog 100003, nfsd)
Nov 27 02:01:00 tutatis mountd[8229]: mount request from unknown host 192.168.2.60 for /home/fperal (/home/fperal)
My /etc/exports on the server includes this line
/home 192.168.2.*(rw,async,no_subtree_check)
it’s a dns problem or is something related to nfs?
Yes. Samba was failing. Updates was not working because end of life. So I was researching and I found that there was a evergreen project, so i counfigured the evergreen repo and I did a zypper dup
fperal wrote:
> Hi!
>
> I’ve a Opensuse 11.1 (i know, i must upgrade it) server for some ubuntu
> clients.
What version of Ubuntu?
> Clients are autenticated by nis and mount the directory with automount
> by nfs. All was working fine but after an update i have an error:
>
>
> Code:
> --------------------
>
> Nov 27 02:01:00 tutatis kernel: svc: 192.168.2.60, port=884: unknown version (4 for prog 100003, nfsd)
> Nov 27 02:01:00 tutatis mountd[8229]: mount request from unknown host 192.168.2.60 for /home/fperal (/home/fperal)
>
> --------------------
Which machine is that? Server or a client?
> My /etc/exports on the server includes this line
>
> Code:
> --------------------
>
> /home 192.168.2.*(rw,async,no_subtree_check)
>
> --------------------
But what about the config on the client?
> it’s a dns problem or is something related to nfs?
I would guess that you were using NFS v3 and either the server or client
has tried to switch to NFS v4 (as per error message). Find out what and
where and switch it back to v3. Alternatively, upgrade all the systems
to recent versions and you could try v4 but you will probably have to
extensively modify your config files as well.
> Yes. Samba was failing. Updates was not working because end of life. So
> I was researching and I found that there was a evergreen project, so i
> counfigured the evergreen repo and I did a zypper dup
zypper dup… hum, that’s dangerous. Plain “up” should be it.
In any case, I concur with Dave diagnostics.
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” (Minas Tirith))
> Clients are autenticated by nis and mount the directory with automount
> by nfs. All was working fine but after an update i have an error:
>
>
> Code:
> --------------------
>
> Nov 27 02:01:00 tutatis kernel: svc: 192.168.2.60, port=884: unknown version (4 for prog 100003, nfsd)
> Nov 27 02:01:00 tutatis mountd[8229]: mount request from unknown host 192.168.2.60 for /home/fperal (/home/fperal)
>
> --------------------
Which machine is that? Server or a client?
the server
> My /etc/exports on the server includes this line
>
> Code:
> --------------------
>
> /home 192.168.2.*(rw,async,no_subtree_check)
>
> --------------------
But what about the config on the client?
we haven’t changed anything on the clients. It was working two days ago.
This is /etc/nsswitch.conf
*# /etc/nsswitch.conf*
*#*
*# Example configuration of GNU Name Service Switch functionality.*
*# If you have the `glibc-doc-reference' and `info' packages installed, try:*
*# `info libc "Name Service Switch"' for information about this file.*
*passwd: compat nis*
*group: compat nis*
*shadow: compat nis*
*hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 nis*
*networks: files nis*
*protocols: db files nis*
*services: db files nis*
*ethers: db files nis*
*rpc: db files nis*
*netgroup: nis*
and yp.conf
#
# yp.conf Configuration file for the ypbind process. You can define
# NIS servers manually here if they can't be found by
# broadcasting on the local net (which is the default).
#
# See the manual page of ypbind for the syntax of this file.
#
# IMPORTANT: For the "ypserver", use IP addresses, or make sure that
# the host is in /etc/hosts. This file is only interpreted
# once, and if DNS isn't reachable yet the ypserver cannot
# be resolved and ypbind won't ever bind to the server.
# ypserver ypserver.network.com
ypserver 192.168.2.2
The following files end with a + followed by some : (as in brackets)
/etc/passwd (6) /etc/group (3) /etc/shadow (8) and /etc/gshadow (3)
These are /etc/auto.master and /etc/auto.home
root@PC1410:/# cat /etc/auto.master
#
# Sample auto.master file
# This is an automounter map and it has the following format
# key -mount-options-separated-by-comma ] location
# For details of the format look at autofs(5).
#
#/misc /etc/auto.misc
#
# NOTE: mounts done from a hosts map will be mounted with the
# "nosuid" and "nodev" options unless the "suid" and "dev"
# options are explicitly given.
#
#/net -hosts
#
# Include central master map if it can be found using
# nsswitch sources.
#
# Note that if there are entries for /net or /misc (as
# above) in the included master map any keys that are the
# same will not be seen as the first read key seen takes
# precedence.
#
/home /etc/auto.home
+auto.master
root@PC1410:/# cat /etc/auto.home
* 192.168.2.2:/home/&
root@PC1410:/#
NIS is working fine, the sistem ypcat passwd gives me the whole user list on the server and the ubuntu machine let me login with any nis user, but then it fails mounting my home
> it’s a dns problem or is something related to nfs?
I would guess that you were using NFS v3 and either the server or client
has tried to switch to NFS v4 (as per error message). Find out what and
where and switch it back to v3. Alternatively, upgrade all the systems
to recent versions and you could try v4 but you will probably have to
extensively modify your config files as well.
Once the initial setting has been done, switch to edit the config files
directly.
> and the server “replies” (in /var/log/messages )
>
>
> Code:
> --------------------
> Nov 27 13:17:28 tutatis mountd[8229]: mount request from unknown host 192.168.2.60 for /home (/home)
> --------------------
I think this means that reverse DNS is not working, but I’m unsure.
Google it.
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” (Minas Tirith))
Carlos E. R. wrote:
> On 2012-11-27 13:26, fperal wrote:
>> and the server “replies” (in /var/log/messages )
>>
>> Code:
>> --------------------
>> Nov 27 13:17:28 tutatis mountd[8229]: mount request from unknown host 192.168.2.60 for /home (/home)
>> --------------------
>
> I think this means that reverse DNS is not working, but I’m unsure.
> Google it.
I don’t think it is DNS. It is a misleading error message. See here for
example:
But in any case /etc/exports is using IP addresses, not domain names, so
there is no DNS lookup.
> My /etc/exports on the server includes this line
> /home 192.168.2.*(rw,async,no_subtree_check)
I’m not sure that a * is allowed like that. I can’t find any such
examples. You can use NIS netgroups, or you can use IP address/netmask.
But that wouldn’t account for why it ever worked???
To add: you already know you should upgrade. If you install from DVD, you can import the users from the previous install. Since you run NIS, they’re only on the server. Setting up your NIS server on a new install, is easily done if you import the users.
On 2012-11-27 15:06, Knurpht wrote:
>
> To add: you already know you should upgrade. If you install from DVD,
> you can import the users from the previous install. Since you run NIS,
> they’re only on the server. Setting up your NIS server on a new install,
> is easily done if you import the users.
This is one of the setups where I recommend a system upgrade.
You’re right the * is for dns names. For man exports
Machine Name Formats
NFS clients may be specified in a number of ways: single host This is the most common format. You may specify a host either by an abbreviated name recognized be the resolver, the fully qualified domain name, or an IP address. netgroups NIS netgroups may be given as @group. Only the host part of each netgroup members is consider in checking for membership. Empty host parts or those containing a single dash (-) are ignored. wildcards
Machine names may contain the wildcard characters *** and ?. This can be used to make the exports file more compact; for instance, *.cs.foo.edu matches all hosts in the domain cs.foo.edu. As these characters also match the dots in a domain name, the given pattern will also match all hosts within any subdomain of cs.foo.edu. IP networks You can also export directories to all hosts on an IP (sub-) network simultaneously. This is done by specifying an IP address and netmask pair as address/netmask where the netmask can be specified in dotted-decimal format, or as a contiguous mask length. For example, either ‘/255.255.252.0’ or ‘/22’ appended to the network base IPv4 address results in identical subnetworks with 10 bits of host. Wildcard characters generally do not work on IP addresses, though they may work by accident when reverse DNS lookups fail.
I’m astonished, It has been working this way since, I think then years ago
fperal wrote:
> I’m astonished, It has been working this way since, I think then years
> ago
All I can think is that the code used to be more permissive but now it’s
been tightened up to match the docs. By some wet-behind-the-ears who
doesn’t understand backwards compatibility perhaps ;(
An alternative view might be that you were relying on an undocumented
feature …
I know i should upgrade, but the server runs nis+nfs, web server ssh, stunnel, posetfix, dns server, mailman server, etc…
So I’ve tried to do a clean install and nothing worked and it may be a great headache.
A system update may work but I tried a year or two ago and i couldn’t because the server is mounted on a raid10 (created by hand) and the opensuse version in that moment could’t manage an update on the raid10. I think opensuse 12.2 will do it. I have to try.
