Re: NFS share permission denied

sandeepkrishna · ‎07-16-2009

Hi All,

I wish to share a directory from HP-UX 11.23 and get it mounted in a solaris 10 Box . It gives permission denied while try to mount.

Syntax in /etc/exports is

/tmp access=hostname.xxx.xxx.com

I am able to mount directory without any issue if I give access permission to every one. Unfortunately I cant take this as a solution due to security concern..

regds

San

Sunny123_1 · ‎07-16-2009

Hi

Change your syntex of /etc/exports as following

/tmp access=

Regards
Sunny

sandeepkrishna · ‎07-16-2009

Hi Sunny,

I need to give access to multiple hosts..

Sunny123_1 · ‎07-16-2009

Hi

If you want to give read write access then do the following in /etc/exports

rw=hostname[:hostname]....

and if you want to give the root aceess then

root=hostname[:hostname]..

and also refer following regsrding hostname

hostname
The name of a host. With a server configured for DNS naming in the nsswitch "hosts" entry, any hostname must be represented as a fully qualified DNS name. Currently HP-UX will allow a match for a non-fully qualified hostname; this HP only feature will be obsoleted in a later release of HP-UX

Also refer man pages for exportfs

Regards
Sunny

Sunny123_1 · ‎07-16-2009

Hi

Assuming that you want to give root access to the perticular hostname do the following entry in /etc/exports

/tmp root=hostname.xxx.xxx.com, access=hostname.xxx.xxx.com

access=[access_list][:access_list]...
Give mount access to each access_list listed. See the "access_list" subsection below. An empty access= list allows all machines to mount the specified mount point. hostnames on the rw= list do not have to exist on the access list in order to successfully mount the exported file system. hostnames on the root= list must either appear on the rw= list or access= list in order to successfully mount the file system.

Regards
Sunny

sandeepkrishna · ‎07-16-2009

From Server

-bash-3.00$ cat /etc/exports

/tmp root=sigorsky.xxx.xxx.com,access=sigorsky.xxx.xxx.com

-bash-3.00$ sudo exportfs -av

re-exported /tmp

-bash-3.00$ showmount -e
export list for ralph:
/tmp root=sigorsky.xxx.xxx.com

From the client

-bash-3.00$ sudo mount ralph.xxx.xxx.com:/tmp /TEST

nfs mount: ralph.xxx.xxx.com:/tmp: Permission denied

Sunny123_1 · ‎07-16-2009

Hi

Try to mount nfs from root user.

Regards
Sunny

sandeepkrishna · ‎07-17-2009

root@sigorsky # mount ralph.xxx.xxx.com:/tmp /TEST
nfs mount: ralph.xxx.xxx.com:/tmp: Permission denied

root@sigorsky # who am i
root pts/4 Jul 17 09:56

Sunny123_1 · ‎07-17-2009

Hi

Did you check your /etc/hosts???
The both servers ip adresses should be there in /etc/hosts.

Regards
Sunny

sandeepkrishna · ‎07-17-2009

Hi Sunny,

Indeed , entries are very much present in /etc/hosts...

Sunny123_1 · ‎07-17-2009

Hi
Try following
On NFS server, export the file system using
#exportfs -i -o root= /
then try to mount from client system.

Regards
Sunny

sandeepkrishna · ‎07-17-2009

-bash-3.00$ sudo exportfs -i -o root=170.xx.xx.xxx /tmp

There wont be any problem to mount this time. Then the sharing will be for every one, which I need to avoid... :(

-bash-3.00$ showmount -e
export list for ralph:

/tmp (everyone)
-bash-3.00$

Sunny123_1 · ‎07-17-2009

Hi

If you are logged in as root to the NFS client, and your client is not allowed root access to the exported directory, check the passwd database on the NFS server to determine whether it contains an entry for user nobody. Without root access, the root user on an NFS client is given the access permissions of user nobody. Also, check whether anonymous users are denied access to the directory (with the anon=65535 export option).

Regards
Sunny

sandeepkrishna · ‎07-17-2009

Nobody user is present and is allowed access to the NFS server.

-bash-3.00$ cat /etc/passwd | grep -i nobody
nobody:*:-2:-2::/:
-bash-3.00$

Sunny123_1 · ‎07-17-2009

Hi

Edit exportfs entry with -anon option and check

/tmp -anon=65534,access=

Regards
Sunny

sandeepkrishna · ‎07-17-2009

No luck .. But I strongly feel there could be something wrong with my solaris client as I am able to mount to another client with the entry in /etc/exports

/tmp -access=hostname

Sunny123_1 · ‎07-17-2009

Hi

Did you have any file like /etc/dfs/dfstab in solaries server if yes then look out for it.

Regards
Sunny

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: NFS share permission denied

NFS share permission denied