> On 06/19/2017 05:22 AM, LUCAS Patrice wrote: > > On 06/16/17 15:21, Frank Filz wrote: > >>> On 06/15/17 21:34, Doug Ortega wrote: > >>>> Frank, > >>>> > >>>> Turns out that the nfs-ganesha proxy client was using a source port > >>>> > > >>>> 1024 for the nfs client connection to the server. I added the > >>>> 'insecure' option to export in /etc/exports on the server to allow > >>>> client connections from an unreserved source port. This let me get > >>>> past the issue with the NFS4ERR_PERM being returned on the lookup. > >>>> > >>>> Doug > >>>> > >>>> ------------------------------------------------------------------- > >>>> --- > >>>> -------- > >>>> > >>>> Check out the vibrant tech community on one of the world's most > >>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot > >>>> _______________________________________________ > >>>> Nfs-ganesha-devel mailing list > >>>> Nfs-ganesha-devel@lists.sourceforge.net > >>>> https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel > >>> > >>> Hi Doug, > >>> > >>> > >>> By default, it's true that the nfs-ganesha proxy client is using a > >>> source port > > >>> 1024 to connect the background nfs server. You have an option to > >>> change this. If you want the proxy client use a privileged port, you > >>> should use the Use_Privileged_Client_Port option as this : > >>> > >>> PROXY > >>> { > >>> Remote_Server > >>> { > >>> Srv_Addr=192.168.1.30; > >>> > >>> Use_Privileged_Client_Port = true; > >>> > >>> } > >>> } > >>> > >>> > >>> Let me know if you are facing any problem by using this option. I > >>> will be happy to try to fix it. > >> Hmm, should we change the default to true? > >> > >> Frank > >> > >> > >> --- > >> This email has been checked for viruses by Avast antivirus software. > >> https://www.avast.com/antivirus > >> > > > > If everyone agrees, I can submit a patch that use a privileged port by > > default for the FSAL_PROXY client to connect the background NFS server. > > Let me know and I will do it. > > > > I'm fine with this. If someone wants to run proxy as non-root, they can > change this setting.
Agreed. Frank ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Nfs-ganesha-devel mailing list Nfs-ganesha-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel
