Network Storage Protocols Discussions

NFS Mount noexec flag appear event though it is not explicit




Customer used to mount an NFS share on a 7-mode system using the following string:


IP:/EXPORT /MountPoint nfs rw,user,nolock,vers=3,bg,soft,acl,_netdev 0 0


He told me he has always been able to execute files inside the mount point (regardless of the user flag which has noexec as an implication).


So, recently, the volume the export above was migrated to ONTAP (9.7). Customer continued to mount with the same NFS mount options, but now the OS is recognizing the noexec flag.


IP:/EXPORT /MountPoint nfs rw,nosuid,nodev,noexec,relatime,...


Customer asked if there is any option on ONTAP (export or volume) that changed the behaviour. Any thoughts?


I told him that when using the user flag, he must explicitly user the exec flag after it to have the desired executions permissions.






There probably is some server side option/export policy option doing this. When mounting, it's probably autonegotiating. Either that, or the client is sending the request. 


However, I was unable to reproduce it.


- What is the volume security style?

- What is the output of the following:


- set diag; nfs server show -instance

- set diag; export-policy rule show -instance


You may want to collect a packet capture of the issue and open a support case.





Thanks for answering.


Here it is:


- What is the volume security style? UNIX

- What is the output of the following:


- set diag; nfs server show -instance

attached nfs01.txt file

- set diag; export-policy rule show -instance

attached nfs02.txt file


Kind regards,

Pedro Rocha.

NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner