HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
cancel
Showing results for 
Search instead for 
Did you mean: 

autofs and permission

 
whiz_kid911
Frequent Advisor

autofs and permission

hi
any idea why this would not work ?

# more /etc/auto_master
/net -hosts -nosuid,soft,nobrowse
/- /etc/auto_direct
#
# more /etc/auto_direct
/sapmnt/KPP -nosuid 10.200.66.32:/export/sapmnt/KPP
/usr/sap/trans -nosuid 10.200.66.32:/export/sapmnt/trans
#
#
# cd /sapmnt/KPP/
sh: /sapmnt/KPP/: Permission denied.
#
# cd /sapmnt
# ll
total 0
dr-xr-xr-x 1 root root 1 Apr 23 13:56 KPP
# chmod 777 KPP
chmod: can't change KPP: Permission denied
#


1 REPLY
Matti_Kurkela
Honored Contributor

Re: autofs and permission

You might want to read /var/adm/syslog/syslog.log to see if it contains more information about why the autofs is failing.

I see at least two possible problems:

1.)
To protect the NFS server against compromised NFS clients, the NFS server treats the user "root" at the NFS client as equivalent to user "nobody" by default. This protection is configurable at the NFS server, when exporting/sharing the filesystem over NFS.

This might be the reason why your chmod command fails, but since /sapmnt/KPP is world-readable and -accessible, the "cd /sapmnt/KPP" should have worked. Something else must be going on...

2.)
Your autofs uses the NFS server's IP address to mount the NFS filesystems, but is the NFS client listed by IP address or by name in the NFS server's configuration? If it's by name, the NFS server might be unable to reverse-map the source IP address of the incoming NFS mount request to the client hostname.

This would cause the NFS server to reject the mount request... and the autofs would have to relay it as a "Permission denied" error to the application trying to access the NFS filesystem.

There would be multiple ways to fix this:
- fix your DNS so that your client hostnames can be correctly looked up by IP address
- or add the names and IP addresses of your NFS clients to /etc/hosts at the NFS server
- or change the NFS share/export configuration at the NFS server to use IP addresses instead of hostnames.

MK
MK