Re: 2.4.17:Increase number of anonymous filesystems beyond 256?

Rainer Krienke (krienke@uni-koblenz.de)
Tue, 22 Jan 2002 14:08:14 +0100

On Tuesday, 22. January 2002 11:40, Trond Myklebust wrote:
> >>>>> " " == Rainer Krienke <krienke@uni-koblenz.de> writes:
> > portmap: connect from 127.0.0.1 to set(nfs): request from
> > unprivileged port rpc.nfsd: nfssvc: error Permission denied
> >
> > A strace of nfsd shows the problem: ... nfsservctl(0,
> > 0xbfffeed8, 0) = -1 EACCES (Permission denied) ...
>
> 'man 5 exports'
>
> secure This option requires that requests originate on an
> internet port less than IPPORT_RESERVED (1024).
> This option is on by default. To turn it off, spec­
> ify insecure.

This is not the problem. The exported filesystem is marked insecure. The
problem is that on the machine running Petes patch you cannot even start the
kernel nfsd, no matter what /etc/export contains. I f you try to start
/usr/sbin/rpc.nfsd (the kernel nfsd version) it tries to register with
portmap and to my interpretation the kernel denies this request with the
message from above. Since no nfsd can be started I cannot mount any
filesystem from this host.

So I still think that the reason for this is a check in the kernel, that
prevents connections from ports > 1024. But where exactly is this done?

Thanks Rainer

-- 
---------------------------------------------------------------------
Rainer Krienke                     krienke@uni-koblenz.de
Universitaet Koblenz, 		   http://www.uni-koblenz.de/~krienke
Rechenzentrum,                     Voice: +49 261 287 - 1312
Rheinau 1, 56075 Koblenz, Germany  Fax:   +49 261 287 - 1001312
---------------------------------------------------------------------
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/