ONTAP Discussions

fsecurity show UNIX Security


We have an issue with volumes created on our NetApp and the ability to access them from Linux workstations

Background information
- NetApp Release 8.2.1  7 Mode

- NFS v3


Having created a new volume with associated share and export, we are mounting them to Ubuntu 14.04 using the umount command.  We have noticed that some of the more recently created volumes are mounted correctly, but it is not possible to access them from the mount point, it returns a message that you do not have sufficient permissions.


We have checked the following in he NetApp OnCommand System Manager.....

- The share access controls are everyone - Full control

- The client permissions for Export are set so the UNIX security has the clients All hosts with the permissions Allow Read Write


However, we are still not able to resolve the issue.  We have looked into the fsecurity on the SAN and noticed the following.......


     The volume James is accessible with read/write permissions from both a windows client and also a Unix workstation (when mounted), so as far as we are concerned, it is set up as we need it to be


SAN0D> fsecurity show /vol/James

[/vol/James - Directory (inum 64)]

  Security style: Mixed

  Effective style: Unix


  DOS attributes: 0x0030 (---AD---)


  Unix security:

    uid: 1000 (projname)

    gid: 1000

    mode: 0777 (rwxrwxrwx)


  No security descriptor available.


     The James2 volume can be mounted, but is not accessible from the Linux workstation


SAN0D> fsecurity show /vol/James2

[/vol/James2 - Directory (inum 64)]

  Security style: Mixed

  Effective style: Unix


  DOS attributes: 0x0010 (----D---)


  Unix security:

    uid: 0 (root)

    gid: 0

    mode: 0755 (rwxr-xr-x)


  No security descriptor available.



The difference we have noticed is in the Unix Security section with the uid, the gid and the mode.


Assuming that this the correct diagnosis of the issue, how do we go about making changes to these settings?








Hi @James_M


NetApp suggested not to use mixed security style. You can keep ntfs or unix security style and make volume or qtree accessable by giving appropriate entries on usermap.cfs and password file.


rdfile /etc/usermap.cfg


rdfile /etc/passwd


Also please post the output of exportfs and rdfile /etc/exports.




Exactly, you need to pick one, NTFS or Unix.  If this isn't a mixed mount then straight unix security style.


If it's a multi-protocol share, NTFS, and then all the permissions are controlled via AD

What exactly "not accessible" means? Paste exact command and its output (error message) that demonstrates it.