Hi Gregor,
On Wed, Jan 17, 2018 at 06:12:59PM +0100, Gregor Zattler wrote:
> Package: nbd-client
> Version: 1:3.15.2-3
> Severity: normal
>
> Dear Maintainer,
>
> I do not know if this is a nbd-client or nbd-server related bug:
>
> There is a nbd server version 1:3.16.2-1 running on a debian
> testing/buster server with amongst others this definition of an
> export in /etc/nbd-server/config:
>
> [server-media]
> exportname = /dev/sda5
If you're doing that, you need to ensure that the NBD server has access
to /dev/sda5, at least read access (but possibly write access, too). Out
of the box, this is not possible (you can export files too).
In order to do so, you have two options:
- Either tell udev to change ownership and/or permissions of /dev/sda5
so that a process running as the "nbd" user and/or group can read (and
possibly write) to the device;
- Or comment out or change the "user" and/or "group" setting in the
configuration file, so that the user and/or group are no longer set to
"nbd" but instead to "disk" or left as "root".
If you don't do either of those, then the nbd-server will not have
access to the partitions and cannot possibly export it.
> flush = true
> fua = true
>
> When I connect to this export with nbd-client version 1:3.15.2-3
> from a debian stretch system I get:
>
> $ sudo nbd-client -name server-media shi /dev/nbd1
> Negotiation: ..Error: Read failed: End of file
> Exiting.
This is the normal error message you get when the server cannot access
the device in question.
> When I rename this export on the server to "shi-media", restart the
> nbd-server.service and do:
>
> $ sudo nbd-client -name shi-media shi /dev/nbd1
> Negotiation: ..size = 921600MB
> bs=1024, sz=966367641600 bytes
I suspect that something changed related to permissions in between the
two runs, and that that, rather than the name change, is responsible for
it succeeding the second time.
> I would assume this bug applies to all export names beginning
> with "server-".
>
> It should be possible to use export names beginning with
> "server-" or at least this restriction should be documented.
There is no such restriction. The only restrictions existing for export
names are one of length (4096 bytes maximum, although "only" 256 should
be used if one desires to remain compatible with other implementations)
and a practical one of legal characters for section headers implemented
by glib's GKeyFile API.
--
Could you people please use IRC like normal people?!?
-- Amaya Rodrigo Sastre, trying to quiet down the buzz in the DebConf 2008
Hacklab
