Project

General

Profile

Bug #6911

nfs4: unexpected permission denied

Added by Simon Klinkert almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
nfs - NFS server and client
Start date:
2016-04-14
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage

Description

When listing non-shared subdirectories via nfs, nfs isn't able to recover from "permission denied" error when the subdirectories are shared at some later point on the server. We often hit this problem while mounting+sharing thousands of mountpoints and clients start listing directories immediately. One workaround is to ls the parent directory.

### umount and unshare on server
ssh nfsserver unshare /mnt/export/mgmt
ssh nfsserver umount /mnt/export/mgmt

### mount but don't share
ssh nfsserver mount -F zfs export/mgmt /mnt/export/mgmt

### ls will return permission denied error
ls -l /mnt/export/mgmt
ls: error reading directory /mnt/export/mgmt: Permission denied
total 0

### now share the subdirectory on server
ssh nfsserver share /mnt/export/mgmt

### still a permission denied -> wrong
ls -l /mnt/export/mgmt
ls: error reading directory /mnt/export/mgmt: Permission denied
total 0

### ls parent dir
ls -l /mnt/export > /dev/null

### the error is gone now
ls -l /mnt/export/mgmt
total 30
drwxr-xr-x   2 root     root           2 Nov 27  2013 wrstftr
(...)

It looks like the listing result of the first ls is somewhere cached even when the ls wasn't successful.

History

#1

Updated by Marcel Telka over 3 years ago

  • Assignee set to Marcel Telka
#2

Updated by Marcel Telka over 3 years ago

  • Status changed from New to In Progress
#3

Updated by Marcel Telka over 3 years ago

There are two separate, but tightly related bugs contributing to the issue:

  • At the NFSv4 server side we do not notify the NFSv4 client when the NFSv4 namespace changes. According the RFC 7530 we should do that by changing the change attribute for the particular file system object.
  • The NFSv4 client completely ignores the change attribute during the attribute cache validity evaluation.
#5

Updated by Marcel Telka over 3 years ago

  • Status changed from In Progress to Pending RTI
#6

Updated by Electric Monk over 3 years ago

  • Status changed from Pending RTI to Closed
  • % Done changed from 0 to 100

git commit 4a6959565df1e2af817732421764a9da2f446da9

commit  4a6959565df1e2af817732421764a9da2f446da9
Author: Marcel Telka <marcel@telka.sk>
Date:   2016-11-29T16:08:04.000Z

    6911 nfs4: unexpected permission denied
    Reviewed by: Simon Klinkert <simon.klinkert@gmail.com>
    Reviewed by: Igor Kozhukhov <igor@dilos.org>
    Approved by: Dan McDonald <danmcd@omniti.com>

Also available in: Atom PDF