Ubuntu
nfs-utils package

Merge ~sergiodj/ubuntu/+source/nfs-utils:bug1918141-service-file-adjustment-focal into ubuntu/+source/nfs-utils:ubuntu/focal-devel

  1. Git
  2. lp:~sergiodj/ubuntu/+source/nfs-utils
  3. bug1918141-service-file-adjustment-focal
  4. Merge into ubuntu/focal-devel
Proposed by Sergio Durigan Junior
Status: Approved
Approved by: Sergio Durigan Junior
Approved revision: ddb7979412ac74a367673e482f2bdb88cbb25340
Proposed branch: ~sergiodj/ubuntu/+source/nfs-utils:bug1918141-service-file-adjustment-focal
Merge into: ubuntu/+source/nfs-utils:ubuntu/focal-devel
Diff against target: 198 lines (+170/-0)
4 files modified
debian/changelog (+11/-0)
debian/patches/lp1918141-use-network-online-target-01.patch (+82/-0)
debian/patches/lp1918141-use-network-online-target-02.patch (+75/-0)
debian/patches/series (+2/-0)
Reviewer Review Type Date Requested Status
Utkarsh Gupta (community) Approve
Canonical Server Core Reviewers Pending
Review via email: mp+399744@code.launchpad.net

Description of the change

This is a fix for bug 1918141 on focal.

The issue here is that nfs-utils' systemd service file doesn't properly depend on network-online.target, which can cause problems when the host(s) listed on /etc/exports need to be resolved (i.e., are hostnames, not IP addresses).

The bug is a bit tricky to reproduce, but I wrote an SRU template which contains detailed instructions on how to do that.

nfs-utils is really old on Ubuntu/Debian, but I was able to backport the proper fixes from the upstream git. You will notice that, although the changes made to the service file are simple, I opted to keep them separated in two patches. This is done to reflect the fact that the change was made in two upstream commits.

I've already uploaded the fix to hirsute:

https://code.launchpad.net/~sergiodj/ubuntu/+source/nfs-utils/+git/nfs-utils/+merge/399688

You can find a PPA with the proposed fix here:

https://launchpad.net/~sergiodj/+archive/ubuntu/nfs-utils-bug1918141/+packages

autopkgtest is still happy:

autopkgtest [17:44:42]: @@@@@@@@@@@@@@@@@@@@ summary
local-server-client PASS

To post a comment you must log in.
Revision history for this message
Utkarsh Gupta (utkarsh) wrote :

Hi,

Same comments as for MP#399747; copying here as well.

* Changelog:
  - [✓] old content and logical tag match as expected
  - [✓] changelog entry correct version and targeted codename
  - [✓] changelog entries correct
  - [✓] update-maintainer has been run

* New Delta:
  - [✓] patches match what was proposed upstream
  - [✓] patches correctly included in debian/patches/series
  - [?] patches have correct DEP3 metadata

Minor comment here:
The first patch in the header (line 46 of the diff) has "Applied-Upstream: 2.1.2-rc2", which seems to be missing in the second patch. Whilst a trivial nitpick, but since it was there in the first patch, it looks like it wasn't included in the second one intentionally, which would mean that it wasn't applied upstream - which is not the case. So for this + consistency reasons, could you add the same line in the second patch as well?

* Build/Test:
  - [✓] build is ok
  - [✓] verified PPA package installs/uninstalls
  - [✓] autopkgtest against the PPA package passes

----------------------------------------------------

All looks good, no blocker, so I'm going to approve this.
Besides, is it a Ubuntu-specific problem? Is not not affecting Debian? If it is, do you intend to forward this upstream? If it isn't, then ignore this part! :)

review: Approve
Reply
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Thanks for the review, Utkarsh. I've added the Applied-Upstream header to the patch.

As for filing this bug against Debian's nfs-utils, we have already discussed about this on Mattermost but for the sake of completeness I will repeat what I said there: nfs-utils on Debian (and consequently on Ubuntu) is is a real sad state: the package is very outdated, with more than 100 bugs open, and not well maintained. This bug has been fixed by upstream a long time ago, and it is in our plans to update the package ASAP on Debian/Ubuntu during the next cycle, so instead of contributing to increase the vast number of bugs, I will focus on helping the Debian maintainer with the update and then bring it to Ubuntu.

Anyway, pushed and uploaded:

$ git push pkg upload/1%1.3.4-2.5ubuntu3.4
Enumerating objects: 17, done.
Counting objects: 100% (17/17), done.
Delta compression using up to 8 threads
Compressing objects: 100% (12/12), done.
Writing objects: 100% (12/12), 3.22 KiB | 549.00 KiB/s, done.
Total 12 (delta 8), reused 0 (delta 0)
To ssh://git.launchpad.net/ubuntu/+source/nfs-utils
 * [new tag] upload/1%1.3.4-2.5ubuntu3.4 -> upload/1%1.3.4-2.5ubuntu3.4
$ dput nfs-utils_1.3.4-2.5ubuntu3.4_source.changes
Trying to upload package to ubuntu
Checking signature on .changes
gpg: /home/sergio/work/nfs-utils/nfs-utils_1.3.4-2.5ubuntu3.4_source.changes: Valid signature from 106DA1C8C3CBBF14
Checking signature on .dsc
gpg: /home/sergio/work/nfs-utils/nfs-utils_1.3.4-2.5ubuntu3.4.dsc: Valid signature from 106DA1C8C3CBBF14
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading nfs-utils_1.3.4-2.5ubuntu3.4.dsc: done.
  Uploading nfs-utils_1.3.4-2.5ubuntu3.4.debian.tar.xz: done.
  Uploading nfs-utils_1.3.4-2.5ubuntu3.4_source.buildinfo: done.
  Uploading nfs-utils_1.3.4-2.5ubuntu3.4_source.changes: done.
Successfully uploaded packages.

Reply

Unmerged commits

ddb7979... by Sergio Durigan Junior

changelog for 1:1.3.4-2.5ubuntu3.4

873d7f7... by Sergio Durigan Junior

  * Depend on network-online.target when starting services. (LP: #1918141)
    - d/p/lp1918141-use-network-online-target-01.patch: Declare a
      Wants=network-online.target on all NFS server services.
    - d/p/lp1918141-use-network-online-target-02.patch: Declare a
      After=network-online.target on all NFS server services.
    Thanks to Niklas Edmundsson for helping with the reproducer.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 70a22c8..cb08e10 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,14 @@
6+nfs-utils (1:1.3.4-2.5ubuntu3.4) focal; urgency=medium
7+
8+ * Depend on network-online.target when starting services. (LP: #1918141)
9+ - d/p/lp1918141-use-network-online-target-01.patch: Declare a
10+ Wants=network-online.target on all NFS server services.
11+ - d/p/lp1918141-use-network-online-target-02.patch: Declare a
12+ After=network-online.target on all NFS server services.
13+ Thanks to Niklas Edmundsson for helping with the reproducer.
14+
15+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Tue, 16 Mar 2021 16:07:55 -0400
16+
17 nfs-utils (1:1.3.4-2.5ubuntu3.3) focal-security; urgency=medium
18
19 * SECURITY UPDATE: privilege escalation via directory permissions
20diff --git a/debian/patches/lp1918141-use-network-online-target-01.patch b/debian/patches/lp1918141-use-network-online-target-01.patch
21new file mode 100644
22index 0000000..680bb2f
23--- /dev/null
24+++ b/debian/patches/lp1918141-use-network-online-target-01.patch
25@@ -0,0 +1,82 @@
26+From: Steve Dickson <steved@redhat.com>
27+Date: Mon, 10 Apr 2017 07:16:58 -0400
28+Subject: systemd: NFS server services should use network-online
29+
30+There has been an number startup problems where parts of
31+the NFS server fails to start due to DNS and other
32+parts of the network not be up.
33+
34+Reading the systemd.special it seems network.target is
35+a passive unit which does not wait for the entire
36+network to come up and network-online.target is an
37+active unit which does wait.
38+
39+So this adds Wants=network-online.target to all of
40+the NFS server services
41+
42+Signed-off-by: Steve Dickson <steved@redhat.com>
43+
44+Origin: backport, http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commit;h=9d4fc3fb
45+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1918141
46+Applied-Upstream: 2.1.2-rc2
47+---
48+ systemd/nfs-mountd.service | 2 +-
49+ systemd/nfs-server.service | 2 +-
50+ systemd/rpc-statd-notify.service | 2 +-
51+ systemd/rpc-statd.service | 3 ++-
52+ 4 files changed, 5 insertions(+), 4 deletions(-)
53+
54+diff --git a/systemd/nfs-mountd.service b/systemd/nfs-mountd.service
55+index 5f5f0a9..e4ac50d 100644
56+--- a/systemd/nfs-mountd.service
57++++ b/systemd/nfs-mountd.service
58+@@ -2,8 +2,8 @@
59+ Description=NFS Mount Daemon
60+ DefaultDependencies=no
61+ Requires=proc-fs-nfsd.mount
62++Wants=network-online.target
63+ After=proc-fs-nfsd.mount
64+-After=network.target local-fs.target
65+ After=rpcbind.socket
66+ BindsTo=nfs-server.service
67+
68+diff --git a/systemd/nfs-server.service b/systemd/nfs-server.service
69+index 23e67f8..bbcd967 100644
70+--- a/systemd/nfs-server.service
71++++ b/systemd/nfs-server.service
72+@@ -3,7 +3,7 @@ Description=NFS server and services
73+ DefaultDependencies=no
74+ Requires=network.target proc-fs-nfsd.mount
75+ Requires=nfs-mountd.service
76+-Wants=rpcbind.socket
77++Wants=rpcbind.socket network-online.target
78+ Wants=nfs-idmapd.service
79+
80+ After=local-fs.target
81+diff --git a/systemd/rpc-statd-notify.service b/systemd/rpc-statd-notify.service
82+index 05c54ef..29a4821 100644
83+--- a/systemd/rpc-statd-notify.service
84++++ b/systemd/rpc-statd-notify.service
85+@@ -1,7 +1,7 @@
86+ [Unit]
87+ Description=Notify NFS peers of a restart
88+ DefaultDependencies=no
89+-Requires=network.target
90++Wants=network-online.target
91+ After=local-fs.target network.target nss-lookup.target
92+
93+ # if we run an nfs server, it needs to be running before we
94+diff --git a/systemd/rpc-statd.service b/systemd/rpc-statd.service
95+index 2138f74..ee6e05c 100644
96+--- a/systemd/rpc-statd.service
97++++ b/systemd/rpc-statd.service
98+@@ -3,7 +3,8 @@ Description=NFS status monitor for NFSv2/3 locking.
99+ DefaultDependencies=no
100+ Conflicts=umount.target
101+ Requires=nss-lookup.target rpcbind.socket
102+-After=network.target nss-lookup.target rpcbind.socket
103++Wants=network-online.target
104++After=nss-lookup.target rpcbind.socket
105+
106+ PartOf=nfs-utils.service
107+
108diff --git a/debian/patches/lp1918141-use-network-online-target-02.patch b/debian/patches/lp1918141-use-network-online-target-02.patch
109new file mode 100644
110index 0000000..52715e3
111--- /dev/null
112+++ b/debian/patches/lp1918141-use-network-online-target-02.patch
113@@ -0,0 +1,75 @@
114+From: Steve Dickson <steved@redhat.com>
115+Date: Mon, 24 Apr 2017 11:25:39 -0400
116+Subject: systemd: Afters are also needed for the Wants=network-online.target
117+
118+Commit 9d4fc3fb added Wants=network-online.target which
119+is not enough to ensure the network is completely up
120+before the NFS server is started. After=network-online.target
121+is also needed.
122+
123+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1419351
124+
125+Signed-off-by: Steve Dickson <steved@redhat.com>
126+
127+Origin: backport, http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commit;h=09e5c6c2a3f8eac91d5353e6d4ff6aee7757ab08
128+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1918141
129+---
130+ systemd/nfs-mountd.service | 1 +
131+ systemd/nfs-server.service | 4 ++--
132+ systemd/rpc-statd-notify.service | 2 +-
133+ systemd/rpc-statd.service | 2 +-
134+ 4 files changed, 5 insertions(+), 4 deletions(-)
135+
136+diff --git a/systemd/nfs-mountd.service b/systemd/nfs-mountd.service
137+index e4ac50d..ed357a2 100644
138+--- a/systemd/nfs-mountd.service
139++++ b/systemd/nfs-mountd.service
140+@@ -4,6 +4,7 @@ DefaultDependencies=no
141+ Requires=proc-fs-nfsd.mount
142+ Wants=network-online.target
143+ After=proc-fs-nfsd.mount
144++After=network-online.target local-fs.target
145+ After=rpcbind.socket
146+ BindsTo=nfs-server.service
147+
148+diff --git a/systemd/nfs-server.service b/systemd/nfs-server.service
149+index bbcd967..6cc7a77 100644
150+--- a/systemd/nfs-server.service
151++++ b/systemd/nfs-server.service
152+@@ -6,8 +6,8 @@ Requires=nfs-mountd.service
153+ Wants=rpcbind.socket network-online.target
154+ Wants=nfs-idmapd.service
155+
156+-After=local-fs.target
157+-After=network.target proc-fs-nfsd.mount rpcbind.socket nfs-mountd.service
158++After=network-online.target local-fs.target
159++After=proc-fs-nfsd.mount rpcbind.socket nfs-mountd.service
160+ After=nfs-idmapd.service rpc-statd.service
161+ Before=rpc-statd-notify.service
162+
163+diff --git a/systemd/rpc-statd-notify.service b/systemd/rpc-statd-notify.service
164+index 29a4821..c1cf45c 100644
165+--- a/systemd/rpc-statd-notify.service
166++++ b/systemd/rpc-statd-notify.service
167+@@ -2,7 +2,7 @@
168+ Description=Notify NFS peers of a restart
169+ DefaultDependencies=no
170+ Wants=network-online.target
171+-After=local-fs.target network.target nss-lookup.target
172++After=local-fs.target network-online.target nss-lookup.target
173+
174+ # if we run an nfs server, it needs to be running before we
175+ # tell clients that it has restarted.
176+diff --git a/systemd/rpc-statd.service b/systemd/rpc-statd.service
177+index ee6e05c..8961f64 100644
178+--- a/systemd/rpc-statd.service
179++++ b/systemd/rpc-statd.service
180+@@ -4,7 +4,7 @@ DefaultDependencies=no
181+ Conflicts=umount.target
182+ Requires=nss-lookup.target rpcbind.socket
183+ Wants=network-online.target
184+-After=nss-lookup.target rpcbind.socket
185++After=network-online.target nss-lookup.target rpcbind.socket
186+
187+ PartOf=nfs-utils.service
188+
189diff --git a/debian/patches/series b/debian/patches/series
190index 02489cf..de8cec0 100644
191--- a/debian/patches/series
192+++ b/debian/patches/series
193@@ -26,3 +26,5 @@ fix-start-ordering-1.patch
194 fix-start-ordering-2.patch
195 fix-start-ordering-3.patch
196 CVE-2019-3689.patch
197+lp1918141-use-network-online-target-01.patch
198+lp1918141-use-network-online-target-02.patch

Subscribers

People subscribed via source and target branches