/usr/lib/systemd/system-generators/nfs-server-generator failed

Hi,

I have a small server running Fedora 41, and in the dmesg output I have this line:

[ 5.410928] (sd-exec-[496]: /usr/lib/systemd/system-generators/nfs-server-generator failed with exit status 1.

How can I figure out what is the problem, and how to fix that? Obviously, I’d like to get rid of the error message.

This error message appeared several weeks agon, without me doing any changes to NFS config. All NFS services are running fine, systemctl –all –failed lists nothing.

Not sure what I need to provide to help solving this, so please ask for any relevant info.

-Paavo

Try this command and see if you get any clues.

sudo journalctl -b 0 -g nfs-server-gen | cat

I would assume that it’s processing /etc/exports.
Maybe its unhappy with one of the entries? But in that case I would have hoped for a log.
Maybe selinux is triggering?

In my case I’m using f42 for my NFS server.

Thanks, immediately clear reason visible:

Sep 02 20:02:11 my.hostname.tld setroubleshoot[17093]: SELinux is preventing nfs-server-gene from add_name access on the directory nfs-server.service.d. For complete SELinux messages run: sealert -l d944b9e4-0011-42a5-a8ba-720939366dbb
Sep 02 20:02:11 my.hostname.tld setroubleshoot[17093]: SELinux is preventing nfs-server-gene from add_name access on the directory nfs-server.service.d.

Plugin catchall (100. confidence) suggests

If you believe that nfs-server-gene should be allowed add_name access on the nfs-server.service.d directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
ausearch -c ‘nfs-server-gene’ --raw | audit2allow -M my-nfsservergene
semodule -X 300 -i my-nfsservergene.pp

But how to fix selinux permissions for this folder?

sudo find / -type d -name nfs-server.service.d 2> /dev/null
(no output)

sudo semanage fcontext -l | grep -i nfs | grep -i gen
/usr/lib/systemd/system-generators/nfs.* regular file system_u:object_r:nfsd_exec_t:s0

sudo semanage fcontext -l | grep -i nfs | grep -i ser
(no output)

How can I find what to do with semanage fcontext & restorecon?

I’m not a selinux expert, but you should be able to web search for the answer, something like “fedora fix selinux permissions”?

Anybody know where this “nfs-server.service.d” directory is in the filesystem?

It will be generated by the generator as /run/systemd/generator/nfs-server.service.d/order-with-mounts.conf.

It is a plugin file for the nfs-server.service unit to ensure that the exported directory is available when starting the nfs service. The file contains appropriate RequiresMountsFor= lines for the exported file systems.

OK, now I found it, but not on the system that has the error.

Other system:
ls -axl /run/systemd/generator/nfs-server.service.d/
total 4
drwxr-xr-x. 2 root root 60 Sep 1 08:06 .
drwxr-xr-x. 10 root root 360 Sep 1 08:06 ..
-rw-r–r–. 1 root root 342 Sep 1 08:06 order-with-mounts.conf

This system (that has the problem):
ls -axl /run/systemd/generator/nfs-server.service.d/
ls: cannot access ‘/run/systemd/generator/nfs-server.service.d/’: No such file or directory

Can I semanage fcontext a non-existent directory?

Not really. These files and directories are created when needed, and they all are removed when you power down or reboot.

What is more interesting is the type=AVC line from the log, which will tell much more about the SELinux issue.

This problem solved itself yesterday. Did two things

• installed all available updates, previous update was 7-10 days ago
• disconnected faulty USB disk, which I was trying to fill with zeros

Not sure what fixed it, but now the problem is gone and I’m happy.

-Paavo