Network and Storage Protocols
Customer used to mount an NFS share on a 7-mode system using the following string:
IP:/EXPORT /MountPoint nfs rw,user,nolock,vers=3,bg,soft,acl,_netdev 0 0
He told me he has always been able to execute files inside the mount point (regardless of the user flag which has noexec as an implication).
So, recently, the volume the export above was migrated to ONTAP (9.7). Customer continued to mount with the same NFS mount options, but now the OS is recognizing the noexec flag.
IP:/EXPORT /MountPoint nfs rw,nosuid,nodev,noexec,relatime,...
Customer asked if there is any option on ONTAP (export or volume) that changed the behaviour. Any thoughts?
I told him that when using the user flag, he must explicitly user the exec flag after it to have the desired executions permissions.
There probably is some server side option/export policy option doing this. When mounting, it's probably autonegotiating. Either that, or the client is sending the request.
However, I was unable to reproduce it.
- What is the volume security style?
- What is the output of the following:
- set diag; nfs server show -instance
- set diag; export-policy rule show -instance
You may want to collect a packet capture of the issue and open a support case.
Thanks for answering.
Here it is:
- What is the volume security style? UNIX
attached nfs01.txt file
attached nfs02.txt file
Join our Discord Community