hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brandon Li (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-6439) NFS should not reject NFS requests to the NULL procedure whether port monitoring is enabled or not
Date Tue, 20 May 2014 23:57:37 GMT

     [ https://issues.apache.org/jira/browse/HDFS-6439?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Brandon Li updated HDFS-6439:
-----------------------------

    Description: 
As discussed in HDFS-6406, this JIRA is to track the follow update:

1. Port monitoring is the feature name with traditional NFS server and we may want to make
the config property (along with related variable allowInsecurePorts) something as dfs.nfs.port.monitoring.


2 . According to RFC2623 (http://www.rfc-editor.org/rfc/rfc2623.txt):

{quote}    Whether port monitoring is enabled or not, NFS servers SHOULD NOT reject NFS requests
to the NULL procedure (procedure number 0). See subsection 2.3.1, "NULL procedure" for a complete
explanation. {quote}

I do notice that NFS clients (most time) send mount NULL and nfs NULL from non-privileged
port. If we deny NULL call in mountd or nfs server, the client can't mount the export even
as user root.

3. it would be nice to have the user guide updated for the port monitoring feature.

  was:
As discussed in HDFS-6406, this JIRA is to track the follow update:

1. Port monitoring is the feature name with traditional NFS server and we may want to make
the config property (along with related variable allowInsecurePorts) something as dfs.nfs.port.monitoring.


2 . According to RFC2623 (http://www.rfc-editor.org/rfc/rfc2623.txt):

{quote}    Whether port monitoring is enabled or not, NFS servers SHOULD NOT reject NFS requests
to the NULL procedure (procedure number 0). See subsection 2.3.1, "NULL procedure" for a complete
explanation. {quote}

I do notice that NFS clients (most time) send mount NULL and nfs NULL from no privileged port.
If we deny that call in mountd or nfs server, the client can't mount the export even as user
root.

3. it would be nice to have the user guide updated for the port monitoring feature.


> NFS should not reject NFS requests to the NULL procedure whether port monitoring is enabled
or not
> --------------------------------------------------------------------------------------------------
>
>                 Key: HDFS-6439
>                 URL: https://issues.apache.org/jira/browse/HDFS-6439
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: nfs
>            Reporter: Brandon Li
>         Attachments: mount-nfs-requests.pcapng
>
>
> As discussed in HDFS-6406, this JIRA is to track the follow update:
> 1. Port monitoring is the feature name with traditional NFS server and we may want to
make the config property (along with related variable allowInsecurePorts) something as dfs.nfs.port.monitoring.

> 2 . According to RFC2623 (http://www.rfc-editor.org/rfc/rfc2623.txt):
> {quote}    Whether port monitoring is enabled or not, NFS servers SHOULD NOT reject NFS
requests to the NULL procedure (procedure number 0). See subsection 2.3.1, "NULL procedure"
for a complete explanation. {quote}
> I do notice that NFS clients (most time) send mount NULL and nfs NULL from non-privileged
port. If we deny NULL call in mountd or nfs server, the client can't mount the export even
as user root.
> 3. it would be nice to have the user guide updated for the port monitoring feature.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message