transforminteractive / alt-f

Automatically exported from code.google.com/p/alt-f
0 stars 0 forks source link

Support for the insecure nfs flag #126

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Setup a line in exports "/mnt/sda2/Tv 
192.168.1.0/24(ro,no_subtree_check,all_squash,insecure)"
2. Reload nfs
3.

What is the expected output? What do you see instead?
Xbmc should be able to see the files under the share when running as a user 
process.
Instead xbmc can only see the files under the share if it's running as a root 
process.

What Alt-F version are you using? Have you flashed it?
0.1RC2 Flashed.

What is the box hardware revision level? A1, B1 or C1? (look at the label
at the box bottom)
Rev B1.

What is your disk configuration? Standard, RAID (what level)...
No raid.

What operating system are you using on your computer? Using what browser?
N/A

Please provide any additional information below.
Xbmc expects the insecure flag for nfs shares. Without it xbmc can only see 
files if it has been started under root.

Original issue reported on code.google.com by oceand....@gmail.com on 22 Dec 2012 at 6:02

GoogleCodeExporter commented 9 years ago
Do you see any error messages in system -> utilities ->  view logs, system 
log/kernel log, when specifying/not specifying  "insecure" in the NSF options 
in the NSF setup page and using Xbox to access the share?

Original comment by whoami.j...@gmail.com on 22 Dec 2012 at 5:12

GoogleCodeExporter commented 9 years ago
In the above I mean xbmc, not Xbox.

Original comment by whoami.j...@gmail.com on 22 Dec 2012 at 5:14

GoogleCodeExporter commented 9 years ago
Looks like the system log has an entry:

Dec 22 12:34:22 dns daemon.warn rpc.mountd[579]: refused mount request
from 192.168.1.150 for /mnt/sda2 (/mnt/sda2): illegal port 53700

Xbmc is reporting:
"Server responded: Program not available"

So I guess it looks like the insecure flag isn't sticking, though I
didn't seen anywhere in the logs that would indicate that.

-Oce

Original comment by oceand....@gmail.com on 22 Dec 2012 at 6:51

GoogleCodeExporter commented 9 years ago

> Dec 22 12:34:22 dns daemon.warn rpc.mountd[579]: refused mount request
> from 192.168.1.150 for /mnt/sda2 (/mnt/sda2): illegal port 53700

Right. So the "insecure" flag is needed.

Have you added it at the end at the NSF options text entry field,  comma 
separated, and hit the submit button?  I'm away from the box until next year, 
can't confirm,  look how the default options are.
And eventually also stop/start the NSF service?

Remember to stop/shutdown the xbmc client also, as NSF file handles are 
preserved by the client even when the server is restarted or shutdown (and the 
server honors them).

Original comment by whoami.j...@gmail.com on 23 Dec 2012 at 3:03

GoogleCodeExporter commented 9 years ago
Unfortunately I've tried it though the web interface a few times with no
luck. At any rate I appreciate you taking a look. If I gather any more
useful information I'll post it.

-Oce

Original comment by oceand....@gmail.com on 23 Dec 2012 at 3:20

GoogleCodeExporter commented 9 years ago
I was able to add the "insecure" flag to the end of the "Export Options" entry 
field,  in the NFS setup webUI, as in

rw,no_root_squash,no_subtree_check,anonuid=99,anongid=98,insecure

and after hitting the Submit button, changes was applied, as the following 
command shows:

~ # cat /etc/exports
/mnt/md0 *(rw,no_root_squash,no_subtree_check,anonuid=99,anongid=98,insecure)
/mnt/md1 *(rw,no_root_squash,no_subtree_check,anonuid=99,anongid=98)

Then I was able to setup xbmc to use nfs on /mnt/md0 (but not on /mnt/md1, as 
it has not the insecure option).

Notice that I was only able to do that using xbmc 11 from a MS-win computer, as 
using xmbm 11 with my linux desktop computer did not work (nfs didn't work!!!)

Original comment by whoami.j...@gmail.com on 2 Jan 2013 at 8:55

GoogleCodeExporter commented 9 years ago
Is that not because under windows xbmc is essentially being run as root?
That it is to say windows does not enforce which users request which ports
as far as nfs is concerned. So, under windows, I don't see how you can tell
if alt-f is respecting the insecure flag. I have no doubt that alt-f's web
gui can set the insecure flag but it doesn't seem like it actually respects
it.

Again I appreciate you taking the time to follow up.

- Oce

Original comment by oceand....@gmail.com on 2 Jan 2013 at 9:15

GoogleCodeExporter commented 9 years ago
> So, under windows, I don't see how you can tell if alt-f is respecting the 
insecure flag.

I was able to use md0 (which has the insecure flag) but not md1 (which has not).
And I received the message:

Jan  2 20:43:45 nas daemon.warn rpc.mountd[2507]: refused mount request from 
192.168.1.64 for /mnt/md1 (/mnt/md1): illegal port 54700

I also tried to run xbmc as the root user in linux without success. xbmc-NFS is 
*not* working in my opensuse distro.

But the point is: the NFS webUI does not drop the "insecure" flag, /etc/exports 
has it correctly set, so the problem is elsewhere.

Original comment by whoami.j...@gmail.com on 2 Jan 2013 at 9:39

GoogleCodeExporter commented 9 years ago
Closing, as /etc/exports is correctly set, so the problem is either with 
NFS-utils itself or xbmc.
Thanks.

Original comment by whoami.j...@gmail.com on 11 Jan 2013 at 4:16