ONTAP Discussions
ONTAP Discussions
We have an issue with volumes created on our NetApp and the ability to access them from Linux workstations
Background information
- NetApp Release 8.2.1 7 Mode
- NFS v3
Having created a new volume with associated share and export, we are mounting them to Ubuntu 14.04 using the umount command. We have noticed that some of the more recently created volumes are mounted correctly, but it is not possible to access them from the mount point, it returns a message that you do not have sufficient permissions.
We have checked the following in he NetApp OnCommand System Manager.....
- The share access controls are everyone - Full control
- The client permissions for Export are set so the UNIX security has the clients All hosts with the permissions Allow Read Write
However, we are still not able to resolve the issue. We have looked into the fsecurity on the SAN and noticed the following.......
The volume James is accessible with read/write permissions from both a windows client and also a Unix workstation (when mounted), so as far as we are concerned, it is set up as we need it to be
SAN0D> fsecurity show /vol/James
[/vol/James - Directory (inum 64)]
Security style: Mixed
Effective style: Unix
DOS attributes: 0x0030 (---AD---)
Unix security:
uid: 1000 (projname)
gid: 1000
mode: 0777 (rwxrwxrwx)
No security descriptor available.
The James2 volume can be mounted, but is not accessible from the Linux workstation
SAN0D> fsecurity show /vol/James2
[/vol/James2 - Directory (inum 64)]
Security style: Mixed
Effective style: Unix
DOS attributes: 0x0010 (----D---)
Unix security:
uid: 0 (root)
gid: 0
mode: 0755 (rwxr-xr-x)
No security descriptor available.
The difference we have noticed is in the Unix Security section with the uid, the gid and the mode.
Assuming that this the correct diagnosis of the issue, how do we go about making changes to these settings?
Hi @James_M
NetApp suggested not to use mixed security style. You can keep ntfs or unix security style and make volume or qtree accessable by giving appropriate entries on usermap.cfs and password file.
rdfile /etc/usermap.cfg
rdfile /etc/passwd
Also please post the output of exportfs and rdfile /etc/exports.
^^
Exactly, you need to pick one, NTFS or Unix. If this isn't a mixed mount then straight unix security style.
If it's a multi-protocol share, NTFS, and then all the permissions are controlled via AD