Menu
What's new
By:
Filters Better Search

[RT-AC68U 380.69] NFS Export security problem (bug?)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

brambil

brambil

Occasional Visitor
Good moring to all!

I've an RT-AC68U with Merlin 380.69, and a problem with NFS Export.


I've SMB configured, with 2 users, and everything is ok.
In addiction I've also NFS export, configured in this way:
Code: 
/mnt/NAS 192.168.0.3/32 rw,sync
.

In my fstab of 192.168.0.3 (witch is a DHCP-static lease), Debian Testing, this line:
Code: 
192.168.0.1:/tmp/mnt/NAS        /mnt/NAS        nfs4    noauto,_netdev,bg,nofail,nolock,rw,users,relatime,rsize=8192,wsize=8192         0       0

1. If I use the PC as "nicola" user, the same username in SMB config of the router (but different password) I get the same limitation I put in SMB, if I use a different account (root or another user) I can access everywhere. Also "ls" has a strange behavior for user "nicola", first says denied, but finally lists everything ...
Code: 
nicola@nicola-debian:/mnt/NAS$ ls
'ARCHIVIO FOTO'       Download           jffs_scripts_backup_2018-01-02_12-11.tgz   Musica
 calibre              Download2          jffs_scripts_backup_2018-01-02_13-31.tgz   myswap.swp
 Case                 entware            Log                                        skynet
 config_default.php   entware-setup.sh   mezzi                                      Uni
nicola@nicola-debian:/mnt/NAS$ ls Download2/
ls: impossibile accedere a 'Download2/config': Permesso negato
ls: impossibile accedere a 'Download2/Seeds': Permesso negato
ls: impossibile accedere a 'Download2/Complete': Permesso negato
ls: impossibile accedere a 'Download2/InComplete': Permesso negato
Complete  config  InComplete  Seeds
nicola@nicola-debian:/mnt/NAS$ ls Download2/config
ls: impossibile accedere a 'Download2/config': Permesso negato
nicola@nicola-debian:/mnt/NAS$ cd Download2/
-bash: cd: Download2/: Permesso negato
nicola@nicola-debian:/mnt/NAS$ su marinella
Password:
marinella@nicola-debian:/mnt/NAS$ ls
'ARCHIVIO FOTO'       Download           jffs_scripts_backup_2018-01-02_12-11.tgz   Musica
 calibre              Download2          jffs_scripts_backup_2018-01-02_13-31.tgz   myswap.swp
 Case                 entware            Log                                        skynet
 config_default.php   entware-setup.sh   mezzi                                      Uni
marinella@nicola-debian:/mnt/NAS$ ls Download2/
Complete  config  InComplete  Seeds
marinella@nicola-debian:/mnt/NAS# ls Download2/config/
blocklists/    dht.dat        nzbget/        resume/        settings.json  torrents/
(marinella isn't a smb user on the router...)

2. BIG problem. If from PC 192.168.0.50 (notebook via wi-fi, Debian testing) I make showmount I get this ...

Code: 
root@eeepc:/mnt# showmount -e 192.168.0.1
Export list for 192.168.0.1:
/tmp/mnt/NAS 192.168.0.3/24
root@eeepc:/mnt# mount 192.168.0.1:/tmp/mnt/NAS /mnt/NAS
root@eeepc:/mnt# ls NAS/
'ARCHIVIO FOTO'       Download         jffs_scripts_backup_2018-01-02_12-11.tgz   Musica
 calibre          Download2         jffs_scripts_backup_2018-01-02_13-31.tgz   myswap.swp
 Case              entware         Log                        skynet
 config_default.php   entware-setup.sh     mezzi                        Uni
root@eeepc:/mnt#
root@eeepc:/mnt# exit
exit

nicola@eeepc:~/bin$ ls /mnt/NAS
'ARCHIVIO FOTO'       Download           jffs_scripts_backup_2018-01-02_12-11.tgz   Musica
 calibre              Download2          jffs_scripts_backup_2018-01-02_13-31.tgz   myswap.swp
 Case                 entware            Log                                        skynet
 config_default.php   entware-setup.sh   mezzi                                      Uni
nicola@eeepc:~/bin$ cd /mnt/NAS
nicola@eeepc:/mnt/NAS$ ls Download2/
ls: impossibile accedere a 'Download2/config': Permesso negato
ls: impossibile accedere a 'Download2/Seeds': Permesso negato
ls: impossibile accedere a 'Download2/Complete': Permesso negato
ls: impossibile accedere a 'Download2/InComplete': Permesso negato
Complete  config  InComplete  Seeds
nicola@eeepc:/mnt/NAS$

I think there are many bugs in this NFS implementation.
 
Last edited:
Yes.
I made a mistake writing the post, the config was right.
It seems NFS take /24 instead of /32 configured.

I don't know if the problem was also in past relase or only in this one, I noticed it today.
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
S Help Required AC68U (TM-AC1900) troubleshooting after power outage Asuswrt-Merlin 3
A Help Required Upgrading AC68U from Stock FW to Merlin Please? Asuswrt-Merlin 15
C Where to Download GNUton's Asus Merlin For DSL-AC68U Asuswrt-Merlin 5
dbaser ASUS RT-AC68U not working after Merlin firmware update, did I brick it? Asuswrt-Merlin 15
T Cloudflared Tunnel in RT-AC68U Asuswrt-Merlin 0
C Need urgent help with home internet w/ RT-AC68U! Willing to do anything to get this fixed! Asuswrt-Merlin 5
B RT-AC68U QoS and questions about latest Merlin Asuswrt-Merlin 20
T GT-AX6000+RT-AC68U=no aimesh Asuswrt-Merlin 17
H Asus RT-AC68U SSH not responsive after time, reboot not helping. Asuswrt-Merlin 4
R High CPU usage AC68U Asuswrt-Merlin 16

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 752 (members: 23, guests: 729)
Top