Mounting nfs on linux permission denied

mount: nfs access denied by server

Am trying to mount a NFS device in my linux machine. My /etc/fstab is like this, 192.168.0.5:/volume2/Asterisk_Recordings /var/spool/newnfs nfs rsize=32768,wsize=32768,intr,noatime 1 0 My /etc/mtab is like this, 192.168.0.5:/volume2/Asterisk_Recordings /var/spool/newnfs nfs rw,addr=192.168.0.5 0 0 I have enabled NFS in my NAS device. When i type mount » mount -t nfs -v 192.168.0.5:/volume2/Asterisk_Recordings /var/spool/newnfs/» I get like this, mount.nfs: timeout set for Thu Aug 1 07:01:04 2013 mount.nfs: trying text-based options ‘vers=4,addr=192.168.0.5,clientaddr=192.168.1.1’ mount.nfs: mount(2): Permission denied mount.nfs: access denied by server while mounting 192.168.0.5:/volume2/Asterisk_Recordings Any possible reasons? Thanks in advance.

5 Answers 5

This error can also occur if the /etc/hosts file on the nfs server maps the hostname of the client to an incorrect IP address, or the IP address of the client to an incorrect hostname. It is quick and easy to check, so worth doing before looking for other problems. Note that, if you do have to change any entries then the nfs-server has to be stopped and re-started, as it reads the hosts file only when it is started.

Is there a config file on the NAS where to put allowances for clients? E.g. in debian based OS the config file is «/etc/exports» and you would put there «/volume2/Asterisk_Recordings 192.168.1.1(rw,sync)» and activate this with «exportfs -a» (your NAS may do this automatically if you update the config via a web interface, I guess.) Check also https://stackoverflow.com/questions/22246477/mounting-nfs-results-in-access-denied-by-server.

Remember to add IP addresses/hostnames of your NFS’ clients to /etc/hosts.allow of NFS’ server

nfs: clienthost2, clienthost2, clienthost3 

You might restart nfs config and nfs service on the NFS server as well as run export again.

systemctl restart nfs-config.service systemctl status nfs.service exportfs -arv 

I have a Debian 10 system with a Debian 10 VM running inside it. I wanted to access a physical partition from the hard drive on the VM. I mounted the physical drive on the host and exported it. I was not able to mount it on the guest continually getting a access denied error

The solution after many hours was to add the no_all_squash option in the exports file. This is supposed to be the default but I needed to add it explicitly. As soon as I did that the problem went away and I could mount the file system. Unfortunately I could not see the files on the fs.

/media/dev 192.168.100.0/24(rw,sync,no_subtree_check,no_root_squash,no_all_squash) 

On the server I could see the files and on the host I could not.

I had to change the line to

/media/dev 192.168.100.0/255.255.255.0(rw,sync,no_subtree_check,no_root_squash,no_all_squash) 

to see the actual files that were on the file sets

Источник

unixforum.org

Привет.
Бьюсь, который день. Весь инет облазил, кругом, по сути, пишут одно и то же. Не могу примонтировать директорию по nfs.

Итак, что у меня есть:
Сервер:
debian lenny с внешним ip (светится в сеть)
Клиент:
debian lenny — установлен в качестве гостевой системы на virtualbox

Пинг серверной машины на клиентской проходит успешно. Клиентская машина спокойно выходит в инет

Задача: примонтировать експортируемую директорию сервера на клиентской машине

Мои шаги:
На сервере установил nfs-kernel-server nfs-common portmap
На клиенте установил nfs-common portmap

конфиги:
/etc/hosts.deny
здесь все закомментировано

# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system. # See the manual pages hosts_access(5) and hosts_options(5). # # Example: ALL: some.host.name, .some.domain # ALL EXCEPT in.fingerd: other.host.name, .other.domain # # If you're going to protect the portmapper use the name "portmap" for the # daemon name. Remember that you can only use the keyword "ALL" and IP # addresses (NOT host or domain names) for the portmapper, as well as for # rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8) # for further information. # # The PARANOID wildcard matches any host whose name does not match its # address. # You may wish to enable this to ensure any programs that don't # validate looked up hostnames still leave understandable logs. In past # versions of Debian this has been the default. # ALL: PARANOID

# /etc/hosts.allow: list of hosts that are allowed to access the system. # See the manual pages hosts_access(5) and hosts_options(5). # # Example: ALL: LOCAL @some_netgroup # ALL: .foobar.edu EXCEPT terminalserver.foobar.edu # # If you're going to protect the portmapper use the name "portmap" for the # daemon name. Remember that you can only use the keyword "ALL" and IP # addresses (NOT host or domain names) for the portmapper, as well as for # rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8) # for further information. # portmap:ALL lockd:ALL rquotad:ALL mountd:ALL statd:ALL

# /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # # Example for NFSv4: # /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /home/user/nfs *(ro,sync,no_root_squash,,subtree_check)

* — разрешить всем ip адресам
rw — чтение/запись
sync — синхронный доступ
subtree_check
no_root_squash — запрещен доступ под root’ом

#/etc/init.d/nfs-kernel-server restart

вроде бы сервен настроен и экспортирует директорию /home/user/nfs

Теперь на клиенте пытаюсь примонтировать удаленную директорию
# mount server_ip:/home/user/nfs /home/user/server_dir
на это получаю:
mount.nfs: server_ip:/home/user/nfs failed, reason given by server: Permission denied
В инете встречал, что такая ошибка встречается, если экспортируемые директории не правильно настроены в файле /etc/exports
Вообщем, как правильно настроить.
Да, еще хотел сказать, что клиентская машина хочет получить доступ к расшаренной папке на сервере через интернет, может это есть причина ошибки монтирования?

Источник

Монтирование nfs шары — failed: Permission denied

Потому-что нет прав? Тебе же русским языком написали (:

Тащемта, это наркомания, когда из домашней сети пытаются делать каких-то осьминогов с подсетями 1 и 2. Задавая подсеть /24 надо быть готовым использовать только одну 192.168.х.

Опа, не дописал. Первая подсеть можеть ходить на шару с музыкой, а не целиком на шару.

Это действительно наркомания, когда твои глаза не верят написанному.

Тут, похоже, что-то другое. Поменял на

Если подключаю с неправильным именем — получаю

mount: mounting 192.168.1.20:/medi/ on /tmp/mnt failed: Permission denied 

/home/root # mount -t nfs 192.168.1.20:/media/music /tmp/mnt mount: mounting 192.168.1.20:/media/music on /tmp/mnt failed: Connection refused 

Мля, да смотри куда монтируешь-то, не надо это делать из под рута, в хомяк религия не позволяет?

А последнее уже по делу, карту сети давай

Это микророутер с 8Мб, там кроме рута никого нет и не будет.

Задача такова: есть основная сеть (192.168.1.*), в ней нормальный роутер, нас. В один из портов подключаю микророутер, чтобы добивать туда, где стены не дают. Это вторая сеть 192.168.2.*

Зачем нужно мапить шары на роутере? Потому что dlna не работет между сетями, а если поднять на роутере minidlna, и натравить на шару, то, возможно, взлетит.

Добавить маршрут или втащить всех в одну подсеть. Последнее наверное правильней или у тебя истерия со слежкой?

Источник

NFS Permission Denied when mounting from WSL

(I set it to * from the previous 10.0.0.0/16 for debugging) And just to be sure, ran exportfs -ra and sudo service nfs-kernel-server restart . Yet even still, when I try to mount in WSL, I get the permission denied error. I can mount on other machines just fine.

1 Answer 1

I have the same issue, but have a few possible solutions.

My nfs logs look like this (I’m guessing yours do, too):

refused mount request from 192.168.123.123 for /mnt/poolio/data (/mnt/data): illegal port 59646 

The solutions seem to be rabbit holes.

By default, WSL’s network is NAT’d. This requires port forwarding.

1. The NFS client is using a reserved port under 1024 which can only be open with root privileges, hence the security.
2. WSL does the port translation (NAT) -> client port is now greater than 1024.
3. The NFS server refuses the connection with that insecure port.

There are several possible solutions, each of which have their pros and cons unfortunately:

• Solution 1: Use port forwarding
• Solution 2: Use Bridge Mode instead of NAT on WSL interface. (apparently creates DNS issues)
• Solution 3: Allow insecure ports on the NFS server. Problem is anyone can impersonate you if you allow this.

The first two solutions are mentioned in this Stack Overflow answer. The third I don’t have a link for yet — My apologies.

I have not had a chance to try any of these yet, myself. I’d be interested in hearing your results if you get a chance to try them before I do.

Apologies for not providing more complete instructions. I know that is how I prefer my answers.

Источник

NFS permission denied

When I configure NFS and create a file on the client NFS shared dir, I get the following message: permission denied. My configuration:

configuration nfs server

http://www.server-world.info/en/note?os=CentOS_6&p=nfs&f=1

configuration nfs client

http://www.server-world.info/en/note?os=CentOS_6&p=nfs&f=2 where is the problem?

Those 2 images don’t tell much. Can you do a showmount -e server from the client as well the output from mount ?

What user are you logged in to the client as? If root, what are your NFS export options on the server?

LEGEND . I have been trying to mount a docker NFS volume for two days now no where did I see no_all_squash until here ! Shot bro!

2 Answers 2

You need to run the command on the server after modifying the /etc/exports file:

Also when debugging connectivity issues with NFS you can run the command showmount -e to see what mounts a given server is exporting out.

example

$ showmount -e cobbler Export list for cobbler: /cobbler/isos 192.168.1.0/24 

services running on nfs clients

You need to make sure that you have the following services running so that the clients can communicate with the NFS server:

$ chkconfig --list|grep rpc rpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off 

$ chkconfig --list|grep nfs nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off 

rpcinfo

With the above services running you should be able to check that the client can make remote procedure calls (rpc) to the NFS server like so:

$ rpcinfo -p cobbler program vers proto port service 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 807 status 100024 1 tcp 810 status 100011 1 udp 718 rquotad 100011 2 udp 718 rquotad 100011 1 tcp 721 rquotad 100011 2 tcp 721 rquotad 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100021 1 udp 60327 nlockmgr 100021 3 udp 60327 nlockmgr 100021 4 udp 60327 nlockmgr 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100021 1 tcp 57752 nlockmgr 100021 3 tcp 57752 nlockmgr 100021 4 tcp 57752 nlockmgr 100005 1 udp 750 mountd 100005 1 tcp 753 mountd 100005 2 udp 750 mountd 100005 2 tcp 753 mountd 100005 3 udp 750 mountd 100005 3 tcp 753 mountd 

mounting and the kernel modules

I see what you wrote in an answer that you then deleted. You should’ve added that info to the question!

I can see where you were getting stumped now. I don’t believe you’re suppose to be mounting using:

Try changing that. Also I see where you were ultimately getting stumped. You didn’t have the nfs kernel module loaded.

Источник