这两天在迁移阿里云服务器,因为是灾备服务器,长期没有使用,而当时服务器也没能成功挂载,这次迁移也想把这个问题解决了。
网上找了各种方法,先重启rpcbind,再重启nfs,无论怎么重启,都报“Starting NFS quotas: Cannot register service: RPC: Authentication error; why = Client credential too weak
rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp).”错误。
具体报错信息:
Shutting down NFS daemon: [ OK ]
Shutting down NFS mountd: [ OK ]Shutting down NFS quotas: [FAILED]
Shutting down RPC idmapd: [ OK ]
Starting NFS services: [ OK ]
Starting NFS quotas: Cannot register service: RPC: Authentication error; why = Client credential too weak
rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp).[FAILED]
Starting NFS mountd: rpc.mountd: svc_tli_create: could not open connection for udp6
rpc.mountd: svc_tli_create: could not open connection for tcp6
rpc.mountd: svc_tli_create: could not open connection for udp6
rpc.mountd: svc_tli_create: could not open connection for tcp6
rpc.mountd: svc_tli_create: could not open connection for udp6
rpc.mountd: svc_tli_create: could not open connection for tcp6 [ OK ]
Starting NFS daemon: rpc.nfsd: address family inet6 not supported by protocol TCP[ OK ]
Starting RPC idmapd: [ OK ]
通过逐步的排查,最后发现是因为在 /etc/hosts.deny中配置了ALL:ALL
#
# hosts.deny This file contains access rules which are used to
# deny connections to network services that either use
# the tcp_wrappers library or that have been
# started through a tcp_wrappers-enabled xinetd.
#
# The rules in this file can also be set up in
# /etc/hosts.allow with a 'deny' option instead.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
#
ALL:ALL
就是这个问题导致了无法启动nfs,Authentication error; why = Client credential too weak(授权错误,客户凭证太弱的问题),这也导致了ssh这台机器无法连接。
解决方案:
1. 直接注释掉ALL:ALL,或者缩小拒绝访问的ip
2. 在/etc/hosts.allow中添加一行ALL:127.0.0.1
以上两种方法任意一种都可以,配置后再重启nfs服务就OK了!