Network and Storage Protocols

NFS Mount noexec flag appear event though it is not explicit

pedro_rocha
4,590 Views

Hello,

 

Customer used to mount an NFS share on a 7-mode system using the following string:

 

IP:/EXPORT /MountPoint nfs rw,user,nolock,vers=3,bg,soft,acl,_netdev 0 0

 

He told me he has always been able to execute files inside the mount point (regardless of the user flag which has noexec as an implication).

 

So, recently, the volume the export above was migrated to ONTAP (9.7). Customer continued to mount with the same NFS mount options, but now the OS is recognizing the noexec flag.

 

IP:/EXPORT /MountPoint nfs rw,nosuid,nodev,noexec,relatime,...

 

Customer asked if there is any option on ONTAP (export or volume) that changed the behaviour. Any thoughts?

 

I told him that when using the user flag, he must explicitly user the exec flag after it to have the desired executions permissions.

 

Regards,

Pedro

2 REPLIES 2

parisi
4,486 Views

There probably is some server side option/export policy option doing this. When mounting, it's probably autonegotiating. Either that, or the client is sending the request. 

 

However, I was unable to reproduce it.

 

- What is the volume security style?

- What is the output of the following:

 

- set diag; nfs server show -instance

- set diag; export-policy rule show -instance

 

You may want to collect a packet capture of the issue and open a support case.

 

pedro_rocha
4,464 Views

Hi,

 

Thanks for answering.

 

Here it is:

 

- What is the volume security style? UNIX

- What is the output of the following:

 

- set diag; nfs server show -instance

attached nfs01.txt file

- set diag; export-policy rule show -instance

attached nfs02.txt file

 

Kind regards,

Pedro Rocha.

Public