Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

NFS GROUP Mount issue - VMS V8.3-1H1

 
curtisk_1
Advisor

NFS GROUP Mount issue - VMS V8.3-1H1

I am having some trouble trying to mount an NFS share with just group priv on VMS V8.3-1H1.

In summary my question is as follows:

Can you perform a GROUP NFS mount without SYSNAM or CMKRNL privilege?

Testing Information below
==========================

My aim is to have a NFS mount running from my VMS 8.3 environment to a given server (in this case HPUX) at a group level in order for our in house application to access the mount.

The account (Account name = TESTACCOUNT) I want to perform the mount using has the below privilege:

GROUP, GRPNAM, GRPPRV, NETMBX, OPER, TMPMBX

If I run the mount from this account I get the below error

tcpip mount dnfs0: TEST NFS_TEST /host=testserver/path="/home/test"/Write /noconvert /noADF /group /protection=(S:RWED,O:RWED,
G:RWED,W)

%TCPIP$DNFSMOUNT-E-MOUNTFAIL, error mounting DNFS0:
-SYSTEM-F-NOPRIV, insufficient privilege or object protection violation

If I grant the account CMKRNL priv all works ok

tcpip mount dnfs0: TEST NFS_TEST /host=testserver/path="/home/test"/Write /noconvert /noADF /group /protection=(S:RWED,O:RWED,
G:RWED,W)
%TCPIP$DNFSMOUNT-S-MOUNTED, /home/test mounted on _DNFS13:[000000]

I'd like to avoid granting this user any further privlage than it has above.

I've gone through the HP TCP/IP Services for OpenVMS Management manual and was under the impression that you did not need SYSNAM privilege to perform a group mount, you only needed GRPNAM privilege.

Has anyone had any experience on this or any useful advice.

Any help would be greatly appreciated.

Many Thanks
5 REPLIES 5
Hoff
Honored Contributor

Re: NFS GROUP Mount issue - VMS V8.3-1H1

Here are some generic options for allowing non-privileged users to perform privileged operations without granting privileges to the end-user folks:

http://labs.hoffmanlabs.com/node/491
Mario Dhaenens
Frequent Advisor

Re: NFS GROUP Mount issue - VMS V8.3-1H1

Hi,

I had a similar issue with NFS mounted disks.
For the host I used a Full Qaulified Domain Name and then it worked OK.

Example:

$ tcpip mount dnfs2: /host=gnl9010201.gent.volvo.com -
/path="/S05/NFSERVER/VCEI" /superuser=0/gid=1/uid=1/structure=5

I know this has nothing to do with privileges.

Regards,

/Toine
Shilpa K
Valued Contributor

Re: NFS GROUP Mount issue - VMS V8.3-1H1

Hi Curtisk,

As of now, in order to successfully start the NFS ACP process during mount operation, CMKRNL privilege is compulsorily required. This requirement is independent of any of the qualifiers that you would specify for mount operation.

Regards,
Shilpa
curtisk_1
Advisor

Re: NFS GROUP Mount issue - VMS V8.3-1H1

Sorry for the lack of response I have been away on Leave for the last 2 weeks. I will Go over your comments today and allocate points asap.

Thanks for the replies so far.
curtisk_1
Advisor

Re: NFS GROUP Mount issue - VMS V8.3-1H1

Eventually raised this with HP and they have now confirmed that this needs to be elevated to TCP/IP Engineering.

It's believed to be a typical bug that came in with TCP/IP V5.x. On UCX V4.2 the NFS mount
worked fine without CMKRNL priv.