Linux – Can’t mount NFS4 share

linuxnfsrhel-6

I have two directories exported from an NFS server. On my NFS client machine, I can mount one of the directories, using the default syntax, as NFS4. However, the other directory will only mount if I explicitly specify "vers=3". If I don't use that syntax, I get error "mount.nfs: access denied by server while mounting nat149app:/var/fea/jobs".

Both boxes are RHEL 6.1.

On the server:

[root@nat149app fea]# cat /etc/exports
# /var/fea/jobs   -rw,async,no_root_squash xxx.xxx.1.0/24
# /usr/local      -ro,async,no_root_squash xxx.xxx.1.0/24
/var/fea/jobs   xxx.xxx.1.0/24(rw,async,no_root_squash)
/usr/local      xxx.xxx.1.0/24(ro,async,no_root_squash)

On the client:

[root@nat145app ~]# mount
/dev/sda4 on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
/dev/sda5 on /home type ext4 (rw)
/dev/sda3 on /usr type ext4 (rw)
/dev/sda6 on /var type ext2 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)

[root@nat145app ~]# mount nat149app:/usr/local /usr/local

[root@nat145app ~]# mount nat149app:/var/fea/jobs /var/fea/jobs
mount.nfs: access denied by server while mounting nat149app:/var/fea/jobs

[root@nat145app ~]# ll /var/fea
total 20K
drwxrwx--T   4 root feausers 4.0K Nov 29 13:25 ./
drwxr-xr-x. 22 root root     4.0K Nov 29 13:25 ../
drwxrwx--T   2 root feausers 4.0K Nov 29 13:25 jobs/
drwxrwx--T   2 root feausers 4.0K Nov 29 13:26 temp/

[root@nat145app ~]# mount -o vers=3 nat149app:/var/fea/jobs /var/fea/jobs

[root@nat145app ~]# mount
/dev/sda4 on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
/dev/sda5 on /home type ext4 (rw)
/dev/sda3 on /usr type ext4 (rw)
/dev/sda6 on /var type ext2 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
nat149app:/usr/local on /usr/local type nfs (rw,vers=4,addr=139.69.1.149,clientaddr=139.69.1.145)
nat149app:/var/fea/jobs on /var/fea/jobs type nfs (rw,vers=3,addr=139.69.1.149)

I have tried this with both rw and ro. I have also tried it without the "o+t" permission on the directiories. And I have also tried this using entries in /etc/fstab. Makes no difference.

Best Answer

From what I know, NFS v4 requires all exported directories to be inside a single "root" (which has fsid=0 set in /etc/exports). For example:

/srv/nfs              xxx.xxx.1.0/24(ro,root_squash)
/srv/nfs/usr-local    xxx.xxx.1.0/24(ro,root_squash)
/srv/nfs/fea-jobs     xxx.xxx.1.0/24(rw,root_squash)

which are then mounted as:

mount -t nfs4 nat149app:/usr-local /usr/local
mount -t nfs4 nat149app:/fea-jobs /var/fea/jobs

Usually bind mounts are used to set up /srv/nfs (or /exports or similar); for example:

mount --bind /usr/local /srv/nfs/usr-local
mount --bind /var/fea/jobs /srv/nfs/fea-jobs

(for fstab, /usr/local /srv/nfs/usr-local none bind 0 0)

In your current configuration, /usr/local is being used as the NFS root (with nat149app:/usr/local being accepted only for compatibility; the real address is nat149app:/) and the server denies access to everything outside it.

See section 7 - NFS Server Name Space of RFC 3530 - NFS version 4.

Related Solutions

Linux VM – Fix ‘Read Only File System’ Error on Ubuntu

Although this is a relatively old question, the answer is still the same. You have a virtual machine (running on a physical host) and some sort of storage (either shared storage – a FC SAN, iSCSI storage, an NFS share – or local storage).

With virtualisation, many virtual machines try to access the same physical resources at the same time. Due to physical limitations (number of read/write operations – IOPS; throughput; latency) there might be a problem to satisfy all storage requests of all physical machines at the same time. What usually happens: you will be able to see "SCSI retries" and failed SCSI operations in the operating systems of your virtual machines. If you get too many errors/retries in a certain period of time, the kernel will set the mounted filesystems read-only in order to prevent damage to the filesystem.

To cut the long story short: Your physical storage is not "powerful" enough. There are too many processes (virtual machines) accessing the storage system at the same time, your virtual machines do not get the response from the storage fast enough, and the filesystem goes read-only.

There are not terribly many things you can do. The obvious solution is better/additional storage. You can also modify the parameters for SCSI timeouts in the Linux kernel. Details are described, e.g., in:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009465

http://www.cyberciti.biz/tips/vmware-esx-server-scsi-timeout-for-linux-guest.html

However, this will only "postpone" your problems, because the kernel only gets more time before the filesystem will be set read-only. (I.e., you do not solve the cause of the problem.)

My experience (several years with VMware) is that this problem only exists with Linux kernels (we're using RHEL and SLES) and not with Windows servers. Also, this problem occurs on all sorts of storage – FC, iSCSI, local storage. For us, the most critical (and expensive) component in our virtual infrastructure is storage. (We're now using HP LeftHand with 1 Gbps iSCSI connections, and have not had any storage issues ever since. We chose LeftHand (over traditional FC-solutions) for its scalability.

Linux cp Permission denied on ntfs file system

It seems to me that permissions are not correctly set.

you are user g and can read a file = OK
but you can't create a file in a destination because the directory media is not writeable by you, only root can do that

So either copy as root or change the permissions on target so that you have a write permission on media directory.

As pointed out it's not possible to change permissions nor ownership on mounted NTFS filesystem. In that case there is a possibility to use proper mount options. Bellow excerpt from man mount

uid=value, gid=value and umask=value

Set the file permission on the filesystem. The umask value is given in octal. By default, the files are owned by root and not readable by somebody else.

Example: (for /dev/sdc1 with FAT32 filesystem)

Check that the device is not mounted (following should return without output)

$ mount | grep sdc1

Mount the device with uid and gid option set

$ sudo mount /dev/sdc1 -o uid=1000,gid=1000 /mnt

Verify the mountpoint

$ mount | grep sdc1

/dev/sdc1 on /mnt type vfat (rw,relatime,uid=1000,gid=1000,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)

Best Answer

Related Solutions

Linux VM – Fix ‘Read Only File System’ Error on Ubuntu

Linux cp Permission denied on ntfs file system

Related Question