[Dovecot] I stream read - stale NFS file handle (reboot of server)

Damon Atkins Damon_Atkins at yahoo.com.au
Wed Mar 17 08:38:23 EET 2010 

NFS Security 101 for NFSv2 and v3 (NOT NFSv4 a long time ago I was part 
of the discussion group for NFSv4 spec the short comings of v2 and v3 
have been fixed)

SRV: Server Exports File System /abc/123 access only to host=xyz.domain.com
XYZ: Client Mount mount's SRV:/abc/123
SRV: "mountd" gets a request from SRV check access list, and if the 
client is allowed access, returns File Handle for the top of the mount 
point (I will call this the FileSystemHandle, this changes after every 
reboot)
XYZ: Client talks to the SRV NFS Server "nfsd" using FileSystemHandle 
(which represents /abc/123), To find a FileHandle for a file the client 
sends the NFS server  the  FileSystemHandle, then finds the next File 
Handle (/mydir) and the next FileHandle (myfile) and the client has 
found the FileHandle for /abc/123/mydir/myfile

NFSD (v2/v3) is stateless other than the information provided by mountd 
(mount requests) and lockd (file locking). When you share/export a file 
system, as part of this a FileSystemHandle is generated and stored  
somewhere for /abc/123 most likely store in the kernel.

SRV: Reboots, a new FileSystemHandle is allocated
XYZ: Reports Stale File Handle for everything (if not most things) which 
was mounted from SRV or the mount point on the client does not respond.

A long time ago FileSystemHandle would stay the same between reboots and 
you wouldn't get this problem other than on an individual file.

To handle deleted files which are in use by NFS clients some servers 
rename them to .nfs* because if one client deleted and other clients 
where accessing the file then they would get Stale NFS handle.  Once in 
a while a NFS server will do find $dir -type f -name .nfs\* -mtime +7 
-mount -exec rm -f {} \; to clean up.


NFSv4 does not use mountd or lockd.
My advice to anyone on old versions of NFS upgrade to NFSv4 as soon as 
possible and implement KerbV5 for improved authentication and disallow 
NFSv2/3 access.

If you do not get the Stale File Handle error when the server reboots, 
it most likely means the FileSystemHandle is not changing between 
reboots, but then you may have more security issues. Software which 
Clusters NFS Servers ensures that the node which takes over, uses the 
same FileSystemHandle (which may only change if the whole Cluster is 
shutdown)

Cheers
Damon.

More information about the dovecot mailing list