# NFS problems

## krunk

NFS starts fine at boot on the server but the client gives the following error:

```

root@james krunk # /etc/init.d/nfsmount start

 * Mounting NFS filesystems...

mount: RPC: Remote system error - Connection refused

 * Error mounting NFS filesystems 
```

No relevant ouput in client or server logs pertainging to the error.

On the server side if I stop than restart nfs I it hangs at:

```

tuxmac root # /etc/init.d/nfs start

 * Starting NFS statd...                                                                                                                              [ ok ] * Exporting NFS directories...                                                                                                                       [ ok ] * Starting NFS daemon...

```

and I get the following in my logs:

```
May  3 11:54:30 tuxmac rpc.statd[11642]: Version 1.0.6 Starting

May  3 11:54:30 tuxmac rpc.statd[11642]: gethostbyname error for tuxmac

May  3 11:54:30 tuxmac rpc.statd[11642]: unable to register (statd, 1, udp)
```

Than if I CTRL+Z the process I get:

```

[1]+  Stopped                 /etc/init.d/nfs start

tuxmac root # ps aux | grep nfs

root     11264  0.0  0.0     0    0 pts/3    Z    11:43   0:00 [rpc.nfsd] <defunct>

root     11444  0.0  0.2  2732 1488 pts/3    T    11:46   0:00 /bin/bash /sbin/runscript.sh /etc/init.d/nfs start

root     11649  0.1  0.0  1704  516 pts/4    D    11:54   0:00 /usr/sbin/rpc.nfsd 8

root     11653  0.0  0.0  1684  544 pts/4    S    11:55   0:00 grep nfs

```

and in the logs:

```

May  3 11:56:20 tuxmac portmap: server localhost not responding, timed out
```

Relevant information:

```
tuxmac root # cat /etc/hosts.allow

portmap: 192.168.1.77 , 127.0.0.1

lockd:   192.168.l.77 , 127.0.0.1

mountd:  192.168.1.77 , 127.0.0.1

rquotad: 192.168.1.77 , 127.0.0.1

statd:   192.168.1.77 , 127.0.0.1

sshd:    192.168.1.77 , 127.0.0.1

# Bastille: default deny

# no safe_finger for in.fingerd (prevent loops)

in.fingerd : ALL : DENY

# but everything else is denied & reported with safe_finger

ALL : ALL : spawn (/usr/sbin/safe_finger -l @%h | /bin/mail -s "Port Denial noted %d-%h" root) & : DENY

tuxmac root # cat /etc/hosts.deny

portmap:ALL

lockd:ALL

mountd:ALL

rquotad:ALL

statd:ALL

ALL:ALL

tuxmac root # cat /etc/hosts

127.0.0.1       localhost

192.168.1.77    james

192.168.2.77    teresa

192.168.1.78    tuxmac

192.168.2.78    tuxmac

# IPV6 versions of localhost and co

::1 ip6-localhost ip6-loopback

fe00::0 ip6-localnet

ff00::0 ip6-mcastprefix

ff02::1 ip6-allnodes

ff02::2 ip6-allrouters

ff02::3 ip6-allhosts

tuxmac root # hostname

tuxmac

```

relevant iptable rules (this is a minimal testing set):

```
NFS="2049 32764 32765 32766 32767 32769 32770 111"

                                                                                                                                                            

echo "Enabling local network NFS"

                                                                                                                                                            

for i in $NFS

do

$IPT -A INPUT   -s $INTNET1 -p tcp --dport $i -j ACCEPT

$IPT -A INPUT   -s $INTNET1 -p udp --dport $i -j ACCEPT

                                                                                                                                                            

$IPT -A OUTPUT  -s $INTNET1 -p tcp --dport $i -j ACCEPT

$IPT -A OUTPUT  -s $INTNET1 -p udp --dport $i -j ACCEPT

done

echo ""

                                                                                                                                                            

for i in $NFS

do

$IPT -A INPUT   -s $INTNET2 -p tcp --dport $i -j ACCEPT

$IPT -A INPUT   -s $INTNET2 -p udp --dport $i -j ACCEPT

                                                                                                                                                            

$IPT -A OUTPUT  -s $INTNET2 -p tcp --dport $i -j ACCEPT

$IPT -A OUTPUT  -s $INTNET2 -p udp --dport $i -j ACCEPT

done

echo ""

```

INPORTANT NOTES

 1. NFS was working before with this iptable ruleset and I have not changed it, so I REALLY do not think this is the problem.

a. it is worth mentioning, however, that I must manually change the lockd port number everytime I boot...the kernel argument does not work and it grabs a new one every time...the other ports are properly bound (append="lockd.udpport=32768 lockd.tcpport=32768")

 2. NFS was previously working without a hitch. What have I changed? I don't know or I'd change it back.  :Smile:  The only thing I worked on was this tutorial: Email System For The Home Network...which didn't work for me so I don't even currently have any of those services running.

Thanks in advance.

----------

## tam1138

```
# emerge portmap

# rc-update add portmap default

# /etc/init.d/portmap start
```

Also, make sure that "tuxmac" is a resolvable address, either by DNS or in /etc/hosts.  The portmap suggestion was more off-the-cuff; looking closely at your logs, it appears that name resolution is the culprit.

----------

## krunk

Thank you for the reply. This is where the confusion comes in, I too noticed the name resolution problem. This is why I made sure to include the output of 'hostname' on the server as well as the content of my /etc/hosts file. Both appear to be in order. 

*edit 1* I also know that the name is resolvable from my client, since I frequently ssh into the server using it's hostname: ssh user@tuxmac

*edit 2* 

```
#emerge portmap;

#tuxmac root # /etc/init.d/portmap start

 * WARNING:  "portmap" has already been started.

tuxmac root # /etc/init.d/portmap stop

 * Stopping NFS mountd...                                                 [ ok ]

 * Stopping NFS daemon...                                                 [ ok ]

 * Unexporting NFS directories...                                         [ ok ]

 * Stopping portmap...                                                    [ !! ]

 

tuxmac root # /etc/init.d/portmap stop

 * Stopping portmap...                                                    [ !! ]

tuxmac root # /etc/init.d/portmap zap

 * Manually resetting portmap to stopped state.

  tuxmac root # /etc/init.d/nfs start

 * Starting NFS statd...                                                   [ ok ]

 * Exporting NFS directories...                                         [ ok ]

 * Starting NFS daemon...                                               [ ok ]

 * Starting NFS mountd...           

```

However I still get this on the client end:

```

root@james krunk # /etc/init.d/nfsmount start

 * Starting NFS statd...                                                [ ok ]            

* Mounting NFS filesystems...

pmap_getmaps rpc problem: RPC: Unable to receive; errno = Connection reset by peer

mount: RPC: Remote system error - Connection refused

 * Error mounting NFS filesystems                                       [ !! ]

```

So, I'm halfway there...but still no go. Also my logs still don't show any relevant ports being dropped.[/quote]

----------

## tam1138

Why are there two tuxmac entries in /etc/hosts?  That seems really fishy to me.

----------

## krunk

My server (tuxmac) has one NIC facing outward (connected to ppp), and two facing inward. Each on it's own subnet. 

I'm beginning to suspect that it is a file permission problem actually. The hostname, iptables, etc config was working a few days ago. But I believe I had hardened my /etc/ files in the interim. 

Here's the only ones I know that are important:

```

drwxr-xr-x   46 root     users        4096 May  3 21:57 /etc

-rw-r--r--    1 root     root          465 May  3 11:07 /etc/hosts.allow

-rw-r--r--    1 root     root           63 May  3 11:08 /etc/hosts.deny

```

I did make a back up of the default perms before applying though, they look like this:

```

0:0:644:/etc/conf.d/iptables

0:0:755:/etc/skel

0:0:644:/etc/skel/.bashrc

0:0:644:/etc/skel/.bash_profile

0:0:755:/etc/runlevels

0:0:755:/etc/runlevels/default

0:0:777:/etc/runlevels/default/local

0:0:777:/etc/runlevels/default/netmount

0:0:755:/etc/runlevels/default/net.eth0

```

But of course, there are well over a thousand of them. . .Is there a way I can restore the perms using this file?

[/list]

----------

## Janne Pikkarainen

 *krunk wrote:*   

> 
> 
> I did make a back up of the default perms before applying though, they look like this:
> 
> ```
> ...

 

(Warning: Some very kludgy and ugly shell voodoo ahead; please proceed with extreme caution)

Try something like this:

```
while read each; chmod `echo $each | cut -d ':' -f3` `echo $each | cut -d ':' -f4`; done < your_permissions_file
```

----------

## krunk

while read each; chmod `echo $each | cut -d ':' -f3` `echo $each | cut -d ':' -f4`; done < perm.orig

-bash: syntax error near unexpected token `done'

And Thanks!

*EDIT* FIXED---> while read each; do ******;done < file  :Smile: 

----------

## Janne Pikkarainen

 *krunk wrote:*   

> while read each; chmod `echo $each | cut -d ':' -f3` `echo $each | cut -d ':' -f4`; done < perm.orig
> 
> -bash: syntax error near unexpected token `done'
> 
> And Thanks!

 

Aww, of course there's a missing do command... the moral of the story: always test whatever you post here.  :Wink:  This one should work:

```
while read each; do chmod `echo $each | cut -d ':' -f3` `echo $each | cut -d ':' -f4`; done < perm.orig
```

----------

## krunk

LOL we posted at the same time.

----------

