Skip to navigation

Bug Fix Advisory nfs-utils bug fix and enhancement update

Advisory: RHBA-2013:0068-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2013-01-07
Last updated on: 2013-01-07
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

Updated nfs-utils packages that fix multiple bugs and add one enhancement are
now available for Red Hat Enterprise Linux 5.

The nfs-utils packages provide a daemon for the kernel Network File System (NFS)
server, and related tools such as mount.nfs, umount.nfs, and showmount.

This update fixes the following bugs:

* After the ownership of the state directory is set to "rpcuser:rpcuser", the
"rpc.statd" daemon drops its privileges. This led to a file access error when
"rpc.statd" tried to unlink the backup directory at a later time. With this
update, the ownership of the backup directory is set to be the same as the UID
and GID of the "/var/lib/nfs/statd" directory. As a result, the problem no
longer occurs. (BZ#782455)

* Previously, in BZ#513094, the "noresvport option", which allows NFS clients to
use insecure ports (ports above 1023), was added to the NFS server configuration
options. Due to a regression, the umount tool was not interpreting the
"resvport" and "noresvport" values correctly which in turn caused the unmount
process to fail. With this update, the code has been improved to correctly
handle the "resvport" and "noresvport" options and the umount tool now works as
expected in the scenario described. The default is for NFS mounts to use
reserved ports. (BZ#783147)

* The NFS mount daemon allows a user to disable version 2 of the NFS protocol by
changing the value of the "MOUNTD_NFS_V2" option in the "/etc/sysconfig/nfs"
configuration file to "no". This setting also disables NFS version 1 and
therefore NFS shares are mounted by the client with NFS version 3. Previously,
the code for unmounting a shared file system from a server with such a
configuration attempted to use NFS version 1 and failed with an error. This
update applies a patch that addresses this issue so that shared file systems can
now be unmounted as expected in the scenario described. (BZ#804681)

This update also adds the following enhancement:

* A timeout option, "-t, --timeout", has been added to the client side
"rpc.gssd" daemon so that the administrator of an NFS client can specify a
timeout period for expiry of the Kerberos GSS (General Security Services) share
context cache in the kernel. After the timeout interval, "rpc.gssd" is consulted
to create a new context. By default, the timeout value is "0", that is to say no
timeout at all. This follows the previous behavior where the expiry of kernel
GSS contexts is the same as the expiry of the Kerberos ticket used in its
creation. (BZ#507341)

All users of nfs-utils are advised to upgrade to these updated packages, which
fix these bugs and add this enhancement.


Solution

Before applying this update, make sure all previously-released errata relevant
to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
nfs-utils-1.0.9-66.el5.src.rpm
File outdated by:  RHBA-2013:1301
    MD5: dddf6a3327bd7ed9e835e8852b2dae3b
SHA-256: 98d999417f684b8b1c1d94b2bf7e661c105f7dc7469113924b86abfe9da1e28e
 
IA-32:
nfs-utils-1.0.9-66.el5.i386.rpm
File outdated by:  RHBA-2013:1301
    MD5: f962e24f62190785dbad7f710afa184d
SHA-256: cf2a26bbd62ca87809d4cd176a6a49d76bcee105edb944129873355c24131aca
nfs-utils-debuginfo-1.0.9-66.el5.i386.rpm
File outdated by:  RHBA-2013:1301
    MD5: c9c7c8f3c127bcef7cc0f0f95e3ea477
SHA-256: 092bf42415d0342ba76e13d3bb6ceeff7ac4d19b93263d19f5c2d9f7437b3262
 
IA-64:
nfs-utils-1.0.9-66.el5.ia64.rpm
File outdated by:  RHBA-2013:1301
    MD5: 15af2e452a841c8ede80019b18fc64a7
SHA-256: e0bb164481438e9500a1fa31887e8e95e5257839c315ada4c48ed74c122eddd6
nfs-utils-debuginfo-1.0.9-66.el5.ia64.rpm
File outdated by:  RHBA-2013:1301
    MD5: 12705a4bca0aefe5c2ab041f5cba3870
SHA-256: acd89cd14a6bb9a4f2614495551d8c2829dc159ee645b69a3bcd0b91212c5b69
 
PPC:
nfs-utils-1.0.9-66.el5.ppc.rpm
File outdated by:  RHBA-2013:1301
    MD5: 32d86fd043cf5a6fb4c8874fd0245597
SHA-256: 6a4c9239f3f89858824bc829050e160d689249a6da79ea8559d1b89451e3d222
nfs-utils-debuginfo-1.0.9-66.el5.ppc.rpm
File outdated by:  RHBA-2013:1301
    MD5: f62e229bec976b5ddc70b4c4fbbb0959
SHA-256: b37ad2e80877fe4f3550777e1de4b53cdd728c48a06868f9729cfe59ae93fd42
 
s390x:
nfs-utils-1.0.9-66.el5.s390x.rpm
File outdated by:  RHBA-2013:1301
    MD5: fc98cb9bd8521663959cc3563e6dee40
SHA-256: ff9c06564cc8e21e259d90967c122399698d9f386b9973168a0eb6786dfc819b
nfs-utils-debuginfo-1.0.9-66.el5.s390x.rpm
File outdated by:  RHBA-2013:1301
    MD5: d3eb2e25a3f5192161a337b842a8ab95
SHA-256: 6ec68d0d9cbf043fff4154a0d006e014e7dbfd066bf7ec89f501afcb8a745e34
 
x86_64:
nfs-utils-1.0.9-66.el5.x86_64.rpm
File outdated by:  RHBA-2013:1301
    MD5: 879298add1f3e35392579c451e9e8493
SHA-256: 5350db8fdf57721e7239f33d7a70adec163bdc35f904eac0dc8d8d67e060c9fc
nfs-utils-debuginfo-1.0.9-66.el5.x86_64.rpm
File outdated by:  RHBA-2013:1301
    MD5: dcffceb3db90b72e94e72d60033123c1
SHA-256: 02bb3b090d1cf554ed07d4b62f4b1f24dfb3eb55b9089f8bb12c274f4569b753
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
nfs-utils-1.0.9-66.el5.src.rpm
File outdated by:  RHBA-2013:1301
    MD5: dddf6a3327bd7ed9e835e8852b2dae3b
SHA-256: 98d999417f684b8b1c1d94b2bf7e661c105f7dc7469113924b86abfe9da1e28e
 
IA-32:
nfs-utils-1.0.9-66.el5.i386.rpm
File outdated by:  RHBA-2013:1301
    MD5: f962e24f62190785dbad7f710afa184d
SHA-256: cf2a26bbd62ca87809d4cd176a6a49d76bcee105edb944129873355c24131aca
nfs-utils-debuginfo-1.0.9-66.el5.i386.rpm
File outdated by:  RHBA-2013:1301
    MD5: c9c7c8f3c127bcef7cc0f0f95e3ea477
SHA-256: 092bf42415d0342ba76e13d3bb6ceeff7ac4d19b93263d19f5c2d9f7437b3262
 
x86_64:
nfs-utils-1.0.9-66.el5.x86_64.rpm
File outdated by:  RHBA-2013:1301
    MD5: 879298add1f3e35392579c451e9e8493
SHA-256: 5350db8fdf57721e7239f33d7a70adec163bdc35f904eac0dc8d8d67e060c9fc
nfs-utils-debuginfo-1.0.9-66.el5.x86_64.rpm
File outdated by:  RHBA-2013:1301
    MD5: dcffceb3db90b72e94e72d60033123c1
SHA-256: 02bb3b090d1cf554ed07d4b62f4b1f24dfb3eb55b9089f8bb12c274f4569b753
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

507341 - svcgssd: Add time out argument
782455 - rpc.statd does not chown the sm.bak dir before dropping privs
783147 - Cannot unmount nfsv3 mounts
804681 - Cannot unmount NFS share if Mount version 2 is disabled.



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/