Failed NFS mount command from Chad Price on 2000-07-01 (tru64-unix-managers)

From: Chad Price <cprice_at_molbio.unmc.edu>
Date: Fri, 30 Jun 2000 15:59:41 -0500

There are 3 alpha boxes running 4.0F. 2 in one city and 1 in another. I
normally update some data from CDROM via an NFS mount (from the local
system - bilbo.unmc.edu to the remote system - biocomp.unl.edu)

I find I am unable to mount the cdrom from the remote system, while the 2
local systems are perfectly happy cross mounting from each other (both
directions). A local Sun is also able to mount the cdrom drive.

It looks like this:

/etc/exports says:
/cdrom -ro 129.93.1.119 gsaf.unmc.edu molbio.unmc.edu biocomp.unl.edu

129.93.1.119 and biocomp.unl.edu are synonyms, and showmount -e shows them
as the same system (it substitutes the name for the number)

The mount error message is:

Bad MNT RPC: bilbo.unmc.edu:/usr: RPC: Authentication error; why = Server
rejected credential

This is also the error message when the /etc/exports file reads:
        /cdrom -ro

We have
(1) checked the firewall for rules and tested successfully with a Sun
(solaris 2.7) (and logged the transaction on the firewall - no indication
of a denial from the firewall is present)

(2) run a sniffer on it for a sucessful attempt with the Sun and an
unsucessful attempt with the alpha. We can see no difference, except when
the alpha talks to the alpha, the mount request is denied.

     RPC:
       RPC: Transaction id = 2991327610
       RPC: Type = 1 (Reply)
       RPC: Status = 1 (Denied)
       RPC: Reject status = 1 (Can't authenticate)
       RPC: Auth stat = 2
MOUNT:
       MOUNT: Reply -- Procedure = 1 (Mount)
DLC: --- Frame too short

But no userID or system authentication should be required if the exports
file says only
        /cdrom -ro
(leaving it open for the whole world to mount)?

In the sniffer, it almost looks like there is a DNS problem - but at the
user level, nslookup appears to give the right answers in both directions,
and telnet in both directions works.

The question: Where do I look now to see why the mount is failing?

(It has crossed my mind that what I should do it get out the OS CDROM and
reload the OS and then reload all the patches under the assumption that I
am confused and someone else now owns my systems via a root-kit - or maybe
the reload should be done to the remote system).

Chad

Chad Price
Systems Manager, Genetic Sequence Analysis Facility
University of Nebraska Medical Center
986495 Nebraska Medical Center
Omaha, NE 68506-6495
cprice_at_molbio.unmc.edu
(402) 559-9527
(402) 559-4077 (FAX)
Received on Fri Jun 30 2000 - 20:58:10 NZST

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:40 NZDT