Hi Gregor, On Wed, Jan 17, 2018 at 06:12:59PM +0100, Gregor Zattler wrote: > Package: nbd-client > Version: 1:3.15.2-3 > Severity: normal > > Dear Maintainer, > > I do not know if this is a nbd-client or nbd-server related bug: > > There is a nbd server version 1:3.16.2-1 running on a debian > testing/buster server with amongst others this definition of an > export in /etc/nbd-server/config: > > [server-media] > exportname = /dev/sda5
If you're doing that, you need to ensure that the NBD server has access to /dev/sda5, at least read access (but possibly write access, too). Out of the box, this is not possible (you can export files too). In order to do so, you have two options: - Either tell udev to change ownership and/or permissions of /dev/sda5 so that a process running as the "nbd" user and/or group can read (and possibly write) to the device; - Or comment out or change the "user" and/or "group" setting in the configuration file, so that the user and/or group are no longer set to "nbd" but instead to "disk" or left as "root". If you don't do either of those, then the nbd-server will not have access to the partitions and cannot possibly export it. > flush = true > fua = true > > When I connect to this export with nbd-client version 1:3.15.2-3 > from a debian stretch system I get: > > $ sudo nbd-client -name server-media shi /dev/nbd1 > Negotiation: ..Error: Read failed: End of file > Exiting. This is the normal error message you get when the server cannot access the device in question. > When I rename this export on the server to "shi-media", restart the > nbd-server.service and do: > > $ sudo nbd-client -name shi-media shi /dev/nbd1 > Negotiation: ..size = 921600MB > bs=1024, sz=966367641600 bytes I suspect that something changed related to permissions in between the two runs, and that that, rather than the name change, is responsible for it succeeding the second time. > I would assume this bug applies to all export names beginning > with "server-". > > It should be possible to use export names beginning with > "server-" or at least this restriction should be documented. There is no such restriction. The only restrictions existing for export names are one of length (4096 bytes maximum, although "only" 256 should be used if one desires to remain compatible with other implementations) and a practical one of legal characters for section headers implemented by glib's GKeyFile API. -- Could you people please use IRC like normal people?!? -- Amaya Rodrigo Sastre, trying to quiet down the buzz in the DebConf 2008 Hacklab