2014-06-16 10:39 AM
When I have this in the etc/exports file:
I cannot mount the volume on host 184.108.40.206:
mount.nfs: access denied by server while mounting 220.127.116.11:/vol/test
When I change the exports to have:
everything works fine. But I don't want everyone to be rw.
(Yes, I'm doing exportfs -r each time after changing the exports file)
Why would that be?
Solved! SEE THE SOLUTION
2014-06-16 12:10 PM
root= does not imply rw= or ro=. For every entry in root=, you need to specify that it can mount the volume (with rw=/ro=). So:
/vol/test -sec=sys, rw=18.104.22.168:22.214.171.124, root=126.96.36.199, nosuid
2014-06-16 02:17 PM
Simple answer to a simple question, thanks.
Would have been even simpler if that was clearly stated in man na_exports or na_exportfs, .... or I just looked in the wrong place for that info.
2014-06-16 02:40 PM
It kind of says so -
Unlike in Data ONTAP releases prior to 6.5, if you spec-
ify a list of NFS clients with read-write access using
the rw= option, Data ONTAP does not use the ro option as
the default for all other NFS clients.
This was a pretty big deal when upgrading to 6.5, because the exports had to be scoured to make sure required mount ability wasn't going to go away - which is probably why it sticks in my mind....
2014-06-16 03:06 PM
Yeah I read that.
But it doesn't help if you don't know that there is 'rw' or 'ro' and apart from that optionally the root parameter, so you have in fact five possible access combinations:
- nothing (whether with or without root makes no difference as we have seen)
Well now I know and it will never leave my mind ;-)