Hi!
I have some problems with NFS volumes on openSUSE 12.2. RC2 (64-bit). If a normal user wants to enter a mounted NFS volume get the message “Permission denied”. Only root can access all the volumes and do “everyting”.
I think that openSUSE 12.2 RC2 has problems (or a bug) with user id (or group id) mappings!
First of all I have to say that I have 4 machines and 1 server that exports NFS volumes. The only problematic is the machine with openSUSE 12.2 RC2 with the “Permission denied” message when entering the mounted volumes as ordinary user (except the volume /mnt/domains which users can enter but is readonly - it should be read and write). Moreover the machine on which openSUSE 12.2 RC2 is installed on it has two more OS (multiboot machine - all the network configurations are identical) with openSUSE 11.4 64-bit and Ubuntu 12.04 64-bit - both OS have NO PROBLEMS with accessing NFS volumes!
Below are some more detailed info about the machine (client) running openSUSE 12.2 RC2 64-bit. As you can see all the UID and GIDs on server and client match, so I do not have any idea what could be wrong! I have searched for errors in log files but I can’t find any error or problematic message related to NFS.
If somebody has some idea how to solve the problem I would be very grateful!
CLIENT (192.168.1.20 - openSUSE 12.2 RC2 64-bit):
uname -a
Linux asus-m2n-e-sli 3.4.6-1.1-desktop #1 SMP PREEMPT Thu Jul 26 09:36:26 UTC 2012 (641c197) x86_64 x86_64 x86_64 GNU/Linux
netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:60296 0.0.0.0:* LISTEN -
tcp 0 0 192.168.1.20:59913 0.0.0.0:* LISTEN 2651/kwrite
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/init
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1517/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2581/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1900/master
tcp 0 0 :::49867 :::* LISTEN -
tcp 0 0 :::111 :::* LISTEN 1/init
tcp 0 0 :::22 :::* LISTEN 1517/sshd
tcp 0 0 :::631 :::* LISTEN 1/init
tcp 0 0 ::1:25 :::* LISTEN 1900/master
udp 0 0 0.0.0.0:5353 0.0.0.0:* 639/avahi-daemon: r
udp 0 0 0.0.0.0:631 0.0.0.0:* 1/init
udp 0 0 0.0.0.0:813 0.0.0.0:* 637/rpcbind
udp 0 0 0.0.0.0:1900 0.0.0.0:* 2651/kwrite
udp 0 0 192.168.1.20:49152 0.0.0.0:* 2651/kwrite
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/init
udp 0 0 0.0.0.0:38070 0.0.0.0:* 639/avahi-daemon: r
udp 0 0 :::60627 :::* 639/avahi-daemon: r
udp 0 0 :::5353 :::* 639/avahi-daemon: r
udp 0 0 :::813 :::* 637/rpcbind
udp 0 0 :::111 :::* 1/init
rpcinfo -p 192.168.1.2 (192.168.1.2 is the NFS server)
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 45948 status
100024 1 tcp 50226 status
100011 1 udp 875 rquotad
100011 2 udp 875 rquotad
100011 1 tcp 875 rquotad
100011 2 tcp 875 rquotad
100005 1 udp 55718 mountd
100005 1 tcp 50954 mountd
100005 2 udp 46931 mountd
100005 2 tcp 59307 mountd
100005 3 udp 32918 mountd
100005 3 tcp 54916 mountd
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 2 tcp 2049 nfs_acl
100227 3 tcp 2049 nfs_acl
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 2 udp 2049 nfs_acl
100227 3 udp 2049 nfs_acl
100021 1 udp 59820 nlockmgr
100021 3 udp 59820 nlockmgr
100021 4 udp 59820 nlockmgr
100021 1 tcp 34430 nlockmgr
100021 3 tcp 34430 nlockmgr
100021 4 tcp 34430 nlockmgr
**ON SERVER: **
cat /etc/exports
/export asus-m2n-e-sli.domain.tld(ro,sync,insecure,root_squash,no_subtree_check,fsid=0) hummer755.domain.tld(ro,sync,insecure,root_squash,no_subtree_check,fsid=0) gigabyte-c51-mcp51.domain.tld(ro,sync,insecure,root_squash,no_subtree_check,fsid=0)
/export/domains asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
/export/films asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
/export/music asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
/export/programs asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
/export/pictures asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
/export/pictures_scanned asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
/export/virtualno asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
/export/nfs_trik asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
/export/repo asus-m2n-e-sli.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) hummer755.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) sl6-64bit.domain.tld(rw,sync,insecure,root_squash,no_subtree_check) gigabyte-c51-mcp51.domain.tld(rw,sync,insecure,root_squash,no_subtree_check)
ls /export -alh
drwxr-xr-x. 11 root root 4,0K dec 13 2011 .
dr-xr-xr-x. 32 root root 4,0K avg 22 09:09 ..
drwxrwxr-x. 9 apache user0 4,0K jul 19 15:43 domains
drwxrwx---. 5 root films 4,0K avg 14 11:36 filmi
drwxrwx---. 5 root music 20K jul 20 15:22 music
drwxrwx---. 2 user0 nfs_trik 4,0K avg 6 2011 nfs_trik
drwxrwx---. 4 root programs 4,0K avg 22 08:43 programs
drwxrwxr-x. 17 apache root 4,0K dec 13 2011 repo
drwxrwx---. 6 user0 pictures 4,0K avg 23 13:25 pictures
drwxrwx---. 2 user0 pictures 12K avg 5 10:10 pictures_scanned
drwxrwx---. 5 root virtualno 4,0K jul 23 2011 virtualno
id
id root
uid=0(root) gid=0(root) skupine=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),200(user0),202(vboxusers),203(pictures)
id user1
uid=500(user1) gid=500(user1) groups=500(user1),0(root),6(disk),19(floppy),11(cdrom),491(fuse),200(user0),202(vboxusers),505(films),506(music),507(programs),508(virtualno),203(pictures),520(nfs_trik)
id user0
uid=200(user0) gid=200(user0) groups=200(user0),0(root),6(disk),19(floppy),11(cdrom),491(fuse),202(vboxusers),505(films),506(music),507(programs),508(virtualno),203(pictures),520(nfs_trik)
id user2
uid=501(user2) gid=501(user2) groups=501(user2),6(disk),19(floppy),11(cdrom),491(fuse),200(user0),202(vboxusers),505(films),506(music),507(programs),508(virtualno),203(pictures),520(nfs_trik)
id user3
uid=502(user3) gid=502(user3) groups=502(user3),6(disk),19(floppy),11(cdrom),491(fuse),200(user0),202(vboxusers),505(films),506(music),507(programs),508(virtualno),203(pictures),520(nfs_trik)
** Below every command executed ON CLIENT:**
id root
uid=0(root) gid=0(root) groups=0(root),200(user0),203(pictures),202(vboxusers),33(video),505(films),506(music),520(nfs_trik),507(programs),508(virtualno)
id user1
uid=500(user1) gid=500(user1) groups=500(user1),25(at),17(audio),20(cdrom),21(console),16(dialout),6(disk),19(floppy),7(lp),108(lxdm),43(modem),65533(nobody),71(ntadmin),32(public),0(root),200(user0),203(pictures),3(sys),102(tape),42(trusted),5(tty),22(utmp),14(uucp),202(vboxusers),33(video),505(films),506(music),520(nfs_trik),507(programs),100(users),508(virtualno)
id user0
uid=200(user0) gid=200(user0) groups=200(user0),203(pictures),202(vboxusers),33(video),505(films),506(music),520(nfs_trik),507(programs),508(virtualno)
id user2
uid=501(user2) gid=501(user2) groups=501(user2),25(at),17(audio),20(cdrom),21(console),16(dialout),6(disk),19(floppy),40(games),7(lp),108(lxdm),43(modem),65533(nobody),65534(nogroup),71(ntadmin),32(public),200(user0),203(pictures),102(tape),42(trusted),5(tty),202(vboxusers),33(video),505(films),506(music),520(nfs_trik),507(programs),100(users),508(virtualno)
id user3
uid=502(user3) gid=502(user3) groups=502(user3),25(at),17(audio),20(cdrom),21(console),16(dialout),6(disk),19(floppy),7(lp),108(lxdm),43(modem),65533(nobody),65534(nogroup),71(ntadmin),32(public),200(user0),203(pictures),102(tape),42(trusted),5(tty),202(vboxusers),33(video),505(films),506(music),520(nfs_trik),507(programs),100(users),508(virtualno)
cat /etc/fstab
/dev/disk/by-id/ata-XXXXXXXXXXXXXXXXXXXX-part1 / ext4 acl,user_xattr,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 1 1
proc /proc proc defaults 0 0
sysfs /sys sysfs noauto 0 0
debugfs /sys/kernel/debug debugfs noauto 0 0
usbfs /proc/bus/usb usbfs noauto 0 0
devpts /dev/pts devpts mode=0620,gid=5 0 0
/dev/disk/by-id/ata-XXXXXXXXXXXXXXXXXXXX-part1 /mnt/ide-root ext4 defaults 1 2
/dev/disk/by-id/ata-XXXXXXXXXXXXXXXXXXXX-part4 /mnt/sata2-home ext4 defaults 1 2
/dev/disk/by-id/ata-XXXXXXXXXXXXXXXXXXXX-part1 /mnt/sata2-root ext4 defaults 1 2
192.168.1.2:/domains /mnt/nfs_domains nfs4 defaults 0 0
192.168.1.2:/films /mnt/nfs_films nfs4 defaults 0 0
192.168.1.2:/music /mnt/nfs_music nfs4 defaults 0 0
192.168.1.2:/programs /mnt/nfs_programs nfs4 defaults 0 0
192.168.1.2:/virtualno /mnt/nfs_virtualno nfs4 defaults 0 0
192.168.1.2:/pictures /mnt/nfs_pictures nfs4 defaults 0 0
192.168.1.2:/pictures_scanned /mnt/nfs_pictures_scanned nfs4 defaults 0 0
ls /mnt -alh
drwxrwxr-x 9 nobody nobody 4,0K jul 19 15:43 nfs_domains
drwxrwx--- 5 nobody nobody 4,0K avg 14 11:36 nfs_films
drwxrwx--- 5 nobody nobody 20K jul 20 15:22 nfs_music
drwxrwx--- 4 nobody nobody 4,0K avg 22 08:43 nfs_programs
drwxrwx--- 6 nobody nobody 4,0K avg 23 13:25 nfs_pictures
drwxrwx--- 2 nobody nobody 12K avg 5 10:10 nfs_pictures_scanned
drwxrwx--- 5 nobody nobody 4,0K jul 23 2011 nfs_virtualno
cat /etc/idmapd.conf
[General]
Verbosity=0
Pipefs-Directory=/var/lib/nfs/rpc_pipefs
Domain=asus-m2n-e-sli
[Mapping]
Nobody-User=nobody
Nobody-Group=nobody
cat /etc/hosts
127.0.0.1 localhost
::1 localhost ipv6-localhost ipv6-loopback
fe00::0 ipv6-localnet
ff00::0 ipv6-mcastprefix
ff02::1 ipv6-allnodes
ff02::2 ipv6-allrouters
ff02::3 ipv6-allhosts
192.168.1.20 asus-m2n-e-sli.domain.tld asus-m2n-e-sli
127.0.0.2 asus-m2n-e-sli.domain.tld asus-m2n-e-sli
cat /etc/hosts.allow
– only comments, nothing declared
cat /etc/hosts.deny
http-rman : ALL EXCEPT LOCAL
Best regards!