RHBA-2005:727 - Bug Fix Advisory

Topic

An updated nfs-utils package that fixes various bugs is now available.

Description

The nfs-utils package provides a daemon for the kernel NFS server and
related tools, providing a much higher level of performance than the
traditional Linux NFS server.

The following bugs have been addressed:

When rpc.statd sends out messages, the correct source address must be added
to the outgoing message. With multi-homed machines, all network interfaces
nmust be queried until the correct address is found. rpc.statd crashed
during that query in certain network configurations.

Installing the nfs-utils package turned /var/log/lastlog into a large
sparse file. Subsequently, lastlog took a long time to run because
nfs-utils used adduser to install the nfsnobody account.

The rebuild of the export database in xtab_read failed to set the
m_mayexport flag when reading /proc/fs/nfs/exports during the re-export
process. This flag-setting normally occurs when reading /var/lib/nfs/xtab.
The result was that exportfs interpreted this as an explicit indicator to
unexport the mount.

When trying to mount a file larger than 2 GB, rpc.mountd failed with the
following error message:
rpc.mountd: can't stat exported dir /var/www/Sun/S10305.flar:
Value too large for defined data type

When mulitple exportfs processes ran simultaneously, re-exporting the same
file systems, the export list in the kernel became corrupted. Now, file
systems that were exported are no longer exported and the client receives
ESTALES errors.

The rpc.idmapd daemon (used with NFS4 mounts) was not registering for
incoming messages when the nfs server was started.

In some cases 'service nfslock stop' failed to write newlines between the
output lines, which caused error messages to be overwritten before users
had time to read them.

There was a possibility of a buffer overflow in the rpc.svcgssd daemon
(used for authenticating clients on secure NFS servers) when the KDC (or
Kerberos server) was a Microsoft Active Directory server.

The NFS init routine now brings the rpc.svcgssd daemon up and down, as the
rpc.svcgssd daemon is only needed when the NFS server is running.

The '-p port' argument to the rpc.nfsd process now allows the NFS server to
listen on a port other than 2049. This erratum also includes the following
additional arguments:

• N or --no-nfs-version vers

This option can be used to request that rpc.nfsd does not offer
certain versions of NFS. The current version of rpc.nfsd can
support NFS version 2, 3, and 4.

• T or --no-tcp

Disable rpc.nfsd from accepting TCP connections from clients.

• U or --no-udp

Disable rpc.nfsd from accepting UDP connections from clients.

NFS mount failed on AMD64 and Intel EM64T systems when using the 'sec=krb5'
mount option.

The rpc.mountd daemon failed incoming NFS mounts with 'getfh failed:
Operation not permitted' on 64-bit systems due to passing stat64() the
wrong type of input buffer.

The lockd kernel process is now brought up and down by the kernel; the
nfslock init script not longer stops this process.

All users of nfs-utils should upgrade to this updated package, which
resolves these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

• Red Hat Enterprise Linux Server 4 x86_64
• Red Hat Enterprise Linux Server 4 ia64
• Red Hat Enterprise Linux Server 4 i386
• Red Hat Enterprise Linux Workstation 4 x86_64
• Red Hat Enterprise Linux Workstation 4 ia64
• Red Hat Enterprise Linux Workstation 4 i386
• Red Hat Enterprise Linux Desktop 4 x86_64
• Red Hat Enterprise Linux Desktop 4 i386
• Red Hat Enterprise Linux for IBM z Systems 4 s390x
• Red Hat Enterprise Linux for IBM z Systems 4 s390
• Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

• BZ - 151828 - Mailbox locking problem
• BZ - 165058 - nfs-utils makes a nfsnobody user which on 64b platforms is 4294967294
• BZ - 165061 - exportfs incorrectly unexports filesystems when -r is used
• BZ - 165064 - nfsv4 kernel error on RHEL 4: xdr error 10008
• BZ - 165065 - Misformated output from /etc/rc.d/init.d/nfslock stop
• BZ - 165066 - Starting rpc.svcgssd in nfs init script makes rpcsvcgssd init unnecessary?
• BZ - 166072 - Stopping NFS locking: [FAILED]

CVEs

(none)

References

(none)