I have created a vol with unix security style for multiprotcol . I see that windows clients are able to access the share but for linux/unix clients i am unable to mount the nfs share without root permissions . I am able to mount the share only if i do sudo bash .I have disabled the option of mount-root-only but still unable to get it fixed.
How can i get this fix ? why i am not able to mount without being root user .
Rule Index: 1 Access Protocol: nfs3 List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: 0.0.0.0/0 RO Access Rule: any RW Access Rule: any User ID To Which Anonymous Users Are Mapped: 65534 Superuser Security Types: any Honor SetUID Bits in SETATTR: true Allow Creation of Devices: true
Tried sectrace using IP , trace -result shows up nothing
tried for unix user
i have got below error when creating a filter.
Vserver: svm_dragonzee (internal ID: 3)
Error: Acquire UNIX credentials procedure failed [ 2 ms] Entry for user-name: aadfakm-a01 not found in the current source: FILES. Entry for user-name: aadfakm-a01 not found in any of the available sources **[ 7] FAILURE: Unable to retrieve UID for UNIX user aadfakm-a01
Error: command failed: Failed to create or modify an NFS security trace filter because the UNIX user name "aadfakm-a01" could not be resolved to a UNIX ID.
But as per export-policy rule i have added clientmatch for access , so any user loggin in thru matching clients should be able to mount it ?
This is not a NetApp issue, but an NFS client issue.
The way the client is configured controls what non-root users can and cannot do.
For instance, on my client, only root can use "-o" on mounts:
bash-4.2$ mount -o nfsvers=3 demo:/home /mnt/home mount: only root can use "--options" option
I can sudo, but if I'm not in the sudoers file, I'm not allowed mount commands: bash-4.2$ sudo mount -o nfsvers=3 demo:/home /mnt/home
We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:
#1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility.
[sudo] password for git: git is not in the sudoers file. This incident will be reported.
When I add the user to the sudoers file, it can mount:
bash-4.2$ sudo mount -o nfsvers=3 demo:/home /mnt/home [sudo] password for git:
demo:/home on /mnt/home type nfs (rw,relatime,vers=3,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.193.67.237,mountvers=3,mountport=635,mountproto=udp,local_lock=none,addr=10.193.67.237)
You could also leverage the automounter files to remove the need for users to be in sudoers, where the mount occurs when they cd to the mountpoint.