HPE Community
Operating System - HP-UX
1833452 Members
3331 Online
110052 Solutions
New Discussion

nfs issue, can't read certain files

 
Masaki Birchmier
Frequent Advisor

‎09-30-2002 08:57 AM

‎09-30-2002 08:57 AM

nfs issue, can't read certain files

I am exporting an NFS directory read-only.
On the system that mounts, I can't read files where the owner user id is not resolved. In other words, that user doesn't exist on the system that mounts. The files have world read permissions.

Any ideas?
Thanks, Masaki
0 Kudos
Reply
6 REPLIES 6
Craig Rants
Honored Contributor

‎09-30-2002 09:01 AM

‎09-30-2002 09:01 AM

Re: nfs issue, can't read certain files

A good NFS Troubleshooting Doc.

GL,
C

http://docs.hp.com/hpux/onlinedocs/B1031-90048/00/00/42-con.html
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Shannon Petry
Honored Contributor

‎09-30-2002 09:11 AM

‎09-30-2002 09:11 AM

Re: nfs issue, can't read certain files

If exporting read only and ID's do not exist, a failure to read files is NOT from directory/file permissions but NFS permissions.

Set anon=0 or any other valid UID on each system to fix the problem. If exporting read only, setting anon to 0 is not a security risk.

Regards,
Shannon
Microsoft. When do you want a virus today?
0 Kudos
Reply
Joaquin Gil de Vergara
Respected Contributor

‎09-30-2002 10:10 AM

‎09-30-2002 10:10 AM

Re: nfs issue, can't read certain files

due to security reasons nfs deny any root access to anything exported...

if you create a file by root in a exported nfs volume owner will be id -1

other users must exist in both machines (same ID)
Teach is the best way to learn
0 Kudos
Reply
Shannon Petry
Honored Contributor

‎09-30-2002 12:01 PM

‎09-30-2002 12:01 PM

Re: nfs issue, can't read certain files

Actually the anon uid is set by passwd user=nobody and can be changed to whatever you want.
Default on solaris is UID: -65534, HP-UX:-1.
Since it is erroneous to mount a read only file system as root, what occurs is that NFS can map the ID so permission is granted under world permissions. Unless this is an automount there will be no problems. If it's an automount then the mount occurs a bit differently and problems can occur.

I'd still recommend you make a generic user on each machine and map annon to that though, as root exports of any size, shape and color can have unknown side effects.

Regards,
Shannon
Microsoft. When do you want a virus today?
0 Kudos
Reply
Masaki Birchmier
Frequent Advisor

‎09-30-2002 12:24 PM

‎09-30-2002 12:24 PM

Re: nfs issue, can't read certain files

Thanks for your input,
It turns out I was missing user "nobody" from my export server. I added it, set "use uid of user 'noboday'", but no go. Also tried specifying UID to other like "0", still o go.

to pick up the changes, I ran exportfs -av, restarted nfs.server, nfs.client but no joy.

Masaki
0 Kudos
Reply
Shannon Petry
Honored Contributor

‎09-30-2002 12:28 PM

‎09-30-2002 12:28 PM

Re: nfs issue, can't read certain files

Any time you make changes to a NFS server, you need to only run "exportfs -a" to apply the changes.

NOTE: This does not effect clients who have already mounted the server.
TO update clients you must "umount" the NFS directory, then remount the directory. Now the new mount options will apply to both.

Regards,
Shannon
Microsoft. When do you want a virus today?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.