#889 Issue closed: rpcinfo might fail on some systems if used on specific hostname¶
Labels: enhancement, fixed / solved / done
EQXTFL opened issue at 2016-06-21 22:10:¶
- rear version (/usr/sbin/rear -V):
1.18 - OS version (cat /etc/rear/os.conf or lsb_release -a):
RHEL 6.5 - rear configuration files (cat /etc/rear/site.conf or cat
/etc/rear/local.conf):
ISO/NFS - Brief description of the issue
In file 05_start_required_daemons.sh, rpcinfo is used with option "-p localhost". This will require specific configuration to be in place and can fail.
For example, on one of my systems this produces the message:
rpcinfo: can't contact portmapper: RPC: Authentication error; why =
Client credential too weak
If rpcinfo is used without any option, it will default to localhost anyway (at least on RHEL), which works fine on all of my hosts.
Suggested change:
Change "rpcinfo -p localhost" to "rpcinfo" in the complete file.
jsmeix commented at 2016-06-22 07:18:¶
I cannot tell why "rpcinfo -p localhost" is used
and not plain "rpcinfo" but I assume the "-p localhost"
is there intentionally - but (as usual) there is no comment
that explains why the "-p localhost" is there
(cf.
https://github.com/rear/rear/wiki/Coding-Style).
"git blame
usr/share/rear/verify/NETFS/default/05_start_required_daemons.sh"
tells that the "rpcinfo -p localhost" commands
were implemented by @dagwieers
so that it is probably best when he could have
a first look what goes on here.
jsmeix commented at 2016-06-22 07:25:¶
@EQXTFL
according to "man rpcinfo" you are not right that if "-p ..." is
not specified it will default to localhost anyway.
Excerpt from "man rpcinfo" on SLE11
(with /usr/sbin/rpcinfo from glibc-2.11.3)
-p Probe the portmapper on host, and print a list of all
registered RPC programs. If host is not specified,
it defaults to the value returned by hostname(1).
Excerpt from "man rpcinfo" on openSUSE Leap 42.1
(which is basically the same as SLE12)
where /sbin/rpcinfo comes from rpcbind-0.2.1
-p Probe rpcbind on host using version 2 of the rpcbind
protocol, and display a list of all registered RPC programs.
If host is not specified, it defaults to the local host.
Note: Version 2 of the rpcbind protocol was previously
known as the portmapper protocol.
Accordingly I assume that on older systems like SLE11
the "-p localhost" is there intentionally to aviod that
rpcinfo probe the portmapper on the value returned
by hostname(1).
EQXTFL commented at 2016-06-22 11:17:¶
On RHEL 5, the rpcinfo manpage states to use "hostname" by default, on RHEL 6 it states to use "local host". Anyway - it only works without the -p option in my RHEL 6 environment. If the system is normally booted, all of the following work fine:
rpcinfo
rpcinfo -p 127.0.0.1
rpcinfo -p localhost
The last two commands do no longer work once booted into the ISO. I guess we have 3 options?
- Figure out what's missing to support -p in the ISO
- Verify if "rpcinfo" would work for everyone
- Try the test with and without the option before we continue in the script
gdha commented at 2016-06-22 12:08:¶
On a centos7 system there is a difference:
[gdha@antwerp centos7]$ rpcinfo
program version netid address service owner
100000 4 tcp6 ::.0.111 portmapper superuser
100000 3 tcp6 ::.0.111 portmapper superuser
100000 4 udp6 ::.0.111 portmapper superuser
100000 3 udp6 ::.0.111 portmapper superuser
100000 4 tcp 0.0.0.0.0.111 portmapper superuser
100000 3 tcp 0.0.0.0.0.111 portmapper superuser
100000 2 tcp 0.0.0.0.0.111 portmapper superuser
100000 4 udp 0.0.0.0.0.111 portmapper superuser
100000 3 udp 0.0.0.0.0.111 portmapper superuser
100000 2 udp 0.0.0.0.0.111 portmapper superuser
100000 4 local /var/run/rpcbind.sock portmapper superuser
100000 3 local /var/run/rpcbind.sock portmapper superuser
100024 1 udp 0.0.0.0.223.74 status 29
100024 1 tcp 0.0.0.0.165.6 status 29
100024 1 udp6 ::.133.154 status 29
100024 1 tcp6 ::.233.92 status 29
100005 1 udp 0.0.0.0.78.80 mountd superuser
100005 1 tcp 0.0.0.0.78.80 mountd superuser
100005 1 udp6 ::.78.80 mountd superuser
100005 1 tcp6 ::.78.80 mountd superuser
100005 2 udp 0.0.0.0.78.80 mountd superuser
100005 2 tcp 0.0.0.0.78.80 mountd superuser
100005 2 udp6 ::.78.80 mountd superuser
100005 2 tcp6 ::.78.80 mountd superuser
100005 3 udp 0.0.0.0.78.80 mountd superuser
100005 3 tcp 0.0.0.0.78.80 mountd superuser
100005 3 udp6 ::.78.80 mountd superuser
100005 3 tcp6 ::.78.80 mountd superuser
100003 3 tcp 0.0.0.0.8.1 nfs superuser
100003 4 tcp 0.0.0.0.8.1 nfs superuser
100227 3 tcp 0.0.0.0.8.1 nfs_acl superuser
100003 3 udp 0.0.0.0.8.1 nfs superuser
100003 4 udp 0.0.0.0.8.1 nfs superuser
100227 3 udp 0.0.0.0.8.1 nfs_acl superuser
100003 3 tcp6 ::.8.1 nfs superuser
100003 4 tcp6 ::.8.1 nfs superuser
100227 3 tcp6 ::.8.1 nfs_acl superuser
100003 3 udp6 ::.8.1 nfs superuser
100003 4 udp6 ::.8.1 nfs superuser
100227 3 udp6 ::.8.1 nfs_acl superuser
100021 1 udp 0.0.0.0.162.127 nlockmgr superuser
100021 3 udp 0.0.0.0.162.127 nlockmgr superuser
100021 4 udp 0.0.0.0.162.127 nlockmgr superuser
100021 1 tcp 0.0.0.0.130.45 nlockmgr superuser
100021 3 tcp 0.0.0.0.130.45 nlockmgr superuser
100021 4 tcp 0.0.0.0.130.45 nlockmgr superuser
100021 1 udp6 ::.225.203 nlockmgr superuser
100021 3 udp6 ::.225.203 nlockmgr superuser
100021 4 udp6 ::.225.203 nlockmgr superuser
100021 1 tcp6 ::.232.31 nlockmgr superuser
100021 3 tcp6 ::.232.31 nlockmgr superuser
100021 4 tcp6 ::.232.31 nlockmgr superuser
[gdha@antwerp centos7]$ rpcinfo -p localhost
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 57162 status
100024 1 tcp 42246 status
100005 1 udp 20048 mountd
100005 1 tcp 20048 mountd
100005 2 udp 20048 mountd
100005 2 tcp 20048 mountd
100005 3 udp 20048 mountd
100005 3 tcp 20048 mountd
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 3 tcp 2049 nfs_acl
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 3 udp 2049 nfs_acl
100021 1 udp 41599 nlockmgr
100021 3 udp 41599 nlockmgr
100021 4 udp 41599 nlockmgr
100021 1 tcp 33325 nlockmgr
100021 3 tcp 33325 nlockmgr
100021 4 tcp 33325 nlockmgr
gdha commented at 2016-06-22 12:11:¶
@EQXTFL Did you try rpcinfo -p (without mentioning a hostname)? It
should also revert to local host.
jsmeix commented at 2016-06-22 12:20:¶
Because one same rear code must work on various systems
I am for option (3) in
https://github.com/rear/rear/issues/889#issuecomment-227714123
But I am not al all a RPC expert to make an authoritative
statement here or to even fix it properly.
FYI
in general regarding RPC see also
https://github.com/rear/rear/issues/870
and in particular see
https://github.com/rear/rear/issues/870#issuecomment-225135566
jsmeix commented at 2016-06-22 12:23:¶
As fas as I understand the comments in
usr/share/rear/verify/NETFS/default/05_start_required_daemons.sh
the goal of the "rpcinfo" calls is only to find out
whether or not port mapper / rpcbind / rpc.statd
is running.
Perhaps there is a more generic and simpler way to check
if a daemon process is running that is also sufficient here?
EQXTFL commented at 2016-06-22 13:53:¶
While booted from the ISO:
RHEL 6:
"rpcinfo" and "rpcinfo -p" work fine
"rpcinfo -p anything" does not work
RHEL 5 is different:
"rpcinfo -p" and "rpcinfo -p localhost" work fine
"rpcinfo" does not work
So only "rpcinfo -p" works for both.
We can surely change to only verify if the processes are running, but actually using rpcinfo is of course the better test.
jsmeix commented at 2016-06-22 14:29:¶
"rear recover" with plain "rpcinfo -p" also works for me
in the rear recovery system of a SLES11-SP4 machine
after I changed
usr/share/rear/verify/NETFS/default/05_start_required_daemons.sh
all "rpcinfo -p localhost" to plain "rpcinfo -p":
RESCUE g130:~ # grep rpcinfo /usr/share/rear/verify/NETFS/default/05_start_required_daemons.sh
rpcinfo -p >&8 2>&1 || rpcbind
until rpcinfo -p >&8 2>&1; do
# statd should be started only once, check with rpcinfo if it is already there
if rpcinfo -p | grep -q status ; then
RESCUE g130:~ # rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 34257 status
100024 1 tcp 58568 status
RESCUE g130:~ # ps auxw | grep rpc
root 1048 0.0 0.0 18924 904 ? Ss 16:25 0:00 rpcbind
root 1053 0.0 0.1 19156 1340 ? Ss 16:25 0:00 rpc.statd
root 1084 0.0 0.0 0 0 ? S< 16:25 0:00 [rpciod]
root 2611 0.0 0.0 4272 572 pts/0 R+ 16:25 0:00 grep rpc
jsmeix commented at 2016-06-22 14:39:¶
"rear recover" with plain "rpcinfo -p" also works for me
in the rear recovery system of a SLES12-SP1 machine
after I changed in
usr/share/rear/verify/NETFS/default/05_start_required_daemons.sh
all "rpcinfo -p localhost" to plain "rpcinfo -p"
jsmeix commented at 2016-06-22 14:41:¶
Tomorrow I will do a GitHub Pull Request...
jsmeix commented at 2016-06-22 14:44:¶
@EQXTFL
probably this is only a typo in your
https://github.com/rear/rear/issues/889#issuecomment-227750397
RHEL 6: "rpcinfo" and "rpcinfo -p" work fine "rpcinfo -p " does not work
"rpcinfo -p" work fine but "rpcinfo -p " does not work?
To be on the safe side can you confirm what
exactly works and does not work on RHEL 6.
EQXTFL commented at 2016-06-22 14:50:¶
Thanks for catching, I have removed the "less than" and "greater than" signs that made the text disappear.
jsmeix commented at 2016-06-22 14:51:¶
@gdha
please report if you know about a system
where plain "rpcinfo -p" does not work.
EQXTFL commented at 2016-06-22 15:01:¶
Ubuntu 14 and 16 confirmed working fine with rpcinfo -p (on regular OS , not ISO).
jsmeix commented at 2016-06-23 14:36:¶
With
https://github.com/rear/rear/pull/891
it uses plain 'rpcinfo -p' which should work everywhere
so that this issue here is avoided.
@EQXTFL
please test it it works for you with
the current rear GitHub master code.
EQXTFL commented at 2016-06-24 19:34:¶
Confirmed working RHEL 5 and 6. Thanks for the quick update!
jsmeix commented at 2016-06-27 08:03:¶
@EQXTFL
many thanks for your testing!
[Export of Github issue for rear/rear.]