Re: Permission denied on resources that are exported to netgroups

zinovik_igor · ‎2010-09-29

Hello.

My problem is following:

I created /etc/netgroup with entry

myhosts (ns,,) (db,,)

Then I export volume 'ports' to that netgroup by doing:

fas1> exportfs -io sec=sys,rw=@myhosts,root=@myhosts /vol/ports

When i try to mount i see permission denied:

ns% sudo mount fas1:/vol/ports /mnt/p
mount_nfs: can't access /vol/ports: Permission denied

I tried to google the solution, but ended with nothing. I waited for 60 seconds after

editing /etc/netgroup, so that DataONTAP could reread it, but it did not helped.

Filer can successfully ping both hosts and resolve their hostnames. If during

export i specify ip addresses or hostnames I can successfully mount and

do IO on mounted volume, but not when i use netgroup.

This is FAS3020c running DOT 7.3.3.

nfs.netgroup.strict on

mforte · ‎2010-11-15

Try

fas1*> getXXbyYY netgrp myhosts ns
You should see:

client ns is in netgroup myhosts
If you get the following error then there may be an issue resolving.

You can check your nsswitch.conf and set netgroup: to same as files: (I assume files: is correct since ping works).

'netgroup_match' returned failure: eCode = 5

JERONIMO123 · ‎2013-12-18

Same problem here. Anyone ever find a solution?

> rdfile /vol/vfroot/etc/exports
#Auto-generated by setup Tue Dec  3 14:53:25 CET 2013
/vol/vfroot -sec=sys,rw,anon=0,nosuid
/vol/vf_test    -sec=sys,root=@x
rdfile /vol/vfroot/etc/netgroup
x (1.2.3.4,,)
*> getXXbyYY netgrp x 1.2.3.4
'netgroup_match' returned failure: eCode = 5

Obviously, root@x has no (write) access to the share.

Thanks for any feedback.

aborzenkov · ‎2013-12-18

And what is result of getXXbyYY netgrp x 1.2.3.4?

JERONIMO123 · ‎2013-12-19

It's "eCode = 5". Apparently I forgot to anonymize in one place

So what does this "eCode = 5" mean and how can I fix it?

Permission denied on resources that are exported to netgroups

Get ready to power on