Network and Storage Protocols

problem with the security right of a volume

PASCAL_78

Hello everybody, I 've got a problem with a volume.

this is the output of this command:

fsecurity show -v nfs_logs /

[/vol/nfs_logs - Directory (inum 64)]

  Security style: Unix

  Effective style: Unix

  DOS attributes: 0x0010 (----D---)

  Unix security:

    uid: 65535 (nobody)

    gid: 0 (root)

    mode: 0755 (rwxr-xr-x)

How to change this ?  Because whe I mount the export on a linux system, it put the user to nobody , which isn't good for me,  it sould be root.

I dont't see how to change it.,

1 ACCEPTED SOLUTION

PASCAL_78

My probblem is solved now.

I've understood NFS4 mecanisms .

I had severals problems:

- the security rights of my volume were bad (owner nobody and group root) because of some mistake.

- so a chown from the linux box was needed to update the rights and give corrects rights to root.

- after that i declared a special user on the netapp according to my linux box, and made a chown to give the volume to this user.

- now fsecurity output show me that the volume is for this user, and the mounting is ok.

Beause the mounting from the linux box read rights which are given by fsecurity output.

All is ok now.

Thanks everybody.

View solution in original post

7 REPLIES 7

PASCAL_78

My probblem is solved now.

I've understood NFS4 mecanisms .

I had severals problems:

- the security rights of my volume were bad (owner nobody and group root) because of some mistake.

- so a chown from the linux box was needed to update the rights and give corrects rights to root.

- after that i declared a special user on the netapp according to my linux box, and made a chown to give the volume to this user.

- now fsecurity output show me that the volume is for this user, and the mounting is ok.

Beause the mounting from the linux box read rights which are given by fsecurity output.

All is ok now.

Thanks everybody.

View solution in original post

aborzenkov

Export with root=<ip-of-your-host>

Отправлено с iPhone

10.12.2012, в 21:50, "pascal touja" <xdl-communities@communities.netapp.com<mailto:xdl-communities@communities.netapp.com>> написал(а):

<https://communities.netapp.com/index.jspa>

problem with the security right of a volume

created by pascal touja<https://communities.netapp.com/people/PASCAL_78> in Data ONTAP - View the full discussion<https://communities.netapp.com/message/96501#96501>

Hello everybody, I 've got a problem with a volume.

this is the output of this command:

fsecurity show -v nfs_logs /

Security style: Unix

Effective style: Unix

DOS attributes: 0x0010 (--D-)

Unix security:

uid: 65535 (nobody)

gid: 0 (root)

mode: 0755 (rwxr-xr-x)

How to change this ? Because whe I mount the export on a linux system, it put the user to nobody , which isn't good for me, it sould be root.

I dont't see how to change it.,

Reply to this message by replying to this email -or- go to the message on NetApp Community<https://communities.netapp.com/message/96501#96501>

Start a new discussion in Data ONTAP by email<mailto:discussions-community-products_and_solutions-data_ontap@communities.netapp.com> or at NetApp Community<https://communities.netapp.com/choose-container.jspa?contentType=1&containerType=14&container=2877>

PASCAL_78

Thanks ,

I have this export file : /nfs_logs    -actual=/vol/nfs_logs,sec=sys,rw,root=<ip>

when i mount i've this on my linux system  :

drwxr-xr-x   3 nobody   root    4096 Nov 16 17:59 testnas

How to change right affectted to the volume ?

On others volumes wich are correct i have this output:

fsecurity show -v vol0 /

[/vol/vol0 - Directory (inum 64)]

  Security style: Unix

  Effective style: Unix

  DOS attributes: 0x0010 (----D---)

  Unix security:

    uid: 0 (root)

    gid: 0 (root)

    mode: 0755 (rwxr-xr-x)

How to change the output of fsecurity ?

aborzenkov

Are you using NFSv3 or NFSv4?

PASCAL_78

I'm using NFSv4 on a linux system.

aborzenkov

For NFSv4 you must setup user mapping between server and client; NFSv4 does not use numeric UID anymore; it is using user names and server will lookup names locally.

Unless you have centralized user database (LDAP, NIS) I suggest you should use NFSv3.

LTDCLSERGAO

hello Pascal,

On which client did you mount your volume ? linux or solaris ?

Try to mount the nfs shares with vers=3 option.

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public