Network and Storage Protocols

problem with the security right of a volume

PASCAL_78
4,724 Views

Hello everybody, I 've got a problem with a volume.

this is the output of this command:

fsecurity show -v nfs_logs /

[/vol/nfs_logs - Directory (inum 64)]

  Security style: Unix

  Effective style: Unix

  DOS attributes: 0x0010 (----D---)

  Unix security:

    uid: 65535 (nobody)

    gid: 0 (root)

    mode: 0755 (rwxr-xr-x)

How to change this ?  Because whe I mount the export on a linux system, it put the user to nobody , which isn't good for me,  it sould be root.

I dont't see how to change it.,

1 ACCEPTED SOLUTION

PASCAL_78
4,724 Views

My probblem is solved now.

I've understood NFS4 mecanisms .

I had severals problems:

- the security rights of my volume were bad (owner nobody and group root) because of some mistake.

- so a chown from the linux box was needed to update the rights and give corrects rights to root.

- after that i declared a special user on the netapp according to my linux box, and made a chown to give the volume to this user.

- now fsecurity output show me that the volume is for this user, and the mounting is ok.

Beause the mounting from the linux box read rights which are given by fsecurity output.

All is ok now.

Thanks everybody.

View solution in original post

7 REPLIES 7

aborzenkov
4,724 Views

Export with root=<ip-of-your-host>

Отправлено с iPhone

10.12.2012, в 21:50, "pascal touja" <xdl-communities@communities.netapp.com<mailto:xdl-communities@communities.netapp.com>> написал(а):

<https://communities.netapp.com/index.jspa>

problem with the security right of a volume

created by pascal touja<https://communities.netapp.com/people/PASCAL_78> in Data ONTAP - View the full discussion<https://communities.netapp.com/message/96501#96501>

Hello everybody, I 've got a problem with a volume.

this is the output of this command:

fsecurity show -v nfs_logs /

Security style: Unix

Effective style: Unix

DOS attributes: 0x0010 (--D-)

Unix security:

uid: 65535 (nobody)

gid: 0 (root)

mode: 0755 (rwxr-xr-x)

How to change this ? Because whe I mount the export on a linux system, it put the user to nobody , which isn't good for me, it sould be root.

I dont't see how to change it.,

Reply to this message by replying to this email -or- go to the message on NetApp Community<https://communities.netapp.com/message/96501#96501>

Start a new discussion in Data ONTAP by email<mailto:discussions-community-products_and_solutions-data_ontap@communities.netapp.com> or at NetApp Community<https://communities.netapp.com/choose-container.jspa?contentType=1&containerType=14&container=2877>

PASCAL_78
4,724 Views

Thanks ,

I have this export file : /nfs_logs    -actual=/vol/nfs_logs,sec=sys,rw,root=<ip>

when i mount i've this on my linux system  :

drwxr-xr-x   3 nobody   root    4096 Nov 16 17:59 testnas

How to change right affectted to the volume ?

On others volumes wich are correct i have this output:

fsecurity show -v vol0 /

[/vol/vol0 - Directory (inum 64)]

  Security style: Unix

  Effective style: Unix

  DOS attributes: 0x0010 (----D---)

  Unix security:

    uid: 0 (root)

    gid: 0 (root)

    mode: 0755 (rwxr-xr-x)

How to change the output of fsecurity ?

LTDCLSERGAO
4,724 Views

hello Pascal,

On which client did you mount your volume ? linux or solaris ?

Try to mount the nfs shares with vers=3 option.

aborzenkov
4,724 Views

Are you using NFSv3 or NFSv4?

PASCAL_78
4,724 Views

I'm using NFSv4 on a linux system.

aborzenkov
4,724 Views

For NFSv4 you must setup user mapping between server and client; NFSv4 does not use numeric UID anymore; it is using user names and server will lookup names locally.

Unless you have centralized user database (LDAP, NIS) I suggest you should use NFSv3.

PASCAL_78
4,725 Views

My probblem is solved now.

I've understood NFS4 mecanisms .

I had severals problems:

- the security rights of my volume were bad (owner nobody and group root) because of some mistake.

- so a chown from the linux box was needed to update the rights and give corrects rights to root.

- after that i declared a special user on the netapp according to my linux box, and made a chown to give the volume to this user.

- now fsecurity output show me that the volume is for this user, and the mounting is ok.

Beause the mounting from the linux box read rights which are given by fsecurity output.

All is ok now.

Thanks everybody.

Public