Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Can't mount remote share: "failed: permission denied"

Posted on 2004-10-24
23
Medium Priority
?
533 Views
Last Modified: 2008-01-09
Hi,

The following command fails:

mount -t nfs 192.168.0.200:/ /mnt/test

It gives the following failure command:

mount: 192.168.0.200:/ failed, reason given by server: permission denied.

Background:

1. On the machine with the IP address 192.168.0.200, it has daemons /usr/sbin/rpc.nfsd and /usr/sbin/rpc.mountd running.
2. /etc/exports is ok, it is:
/           *(rw,no_root_squash)
0
Comment
Question by:Risky101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 6
  • 3
  • +2
23 Comments
 
LVL 2

Expert Comment

by:hoonexpert
ID: 12397932
Are you sure you want to mount the / (root partition).

Make sure iptables is not causing the problem. Run iptables -F on the nfs server and try again.

Hope it helps

Manish.
Baroda.
India.
0
 
LVL 5

Expert Comment

by:paranoidcookie
ID: 12399307
Firslty I hope you are doing this on a private network nfs is horribly flawed when it comes to security especially if you allow remote root.
Check the /etc/hosts.allow and /etc/host.deny files to see if anything in there is blocking you.

Does /mnt/test exist?

Are the root passwords the same on both boxes? and it not are you authenticating to the remote box with the correct password.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 12403873
Hi,

   Please check the permission on /. Is it 644. And restart nfsd:
# exportfs -a
# service nfs restart

   "no_root_squash" has allowed all root previlege.

Regards,

Wesly
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 

Author Comment

by:Risky101
ID: 12405728
> Are you sure you want to mount the / (root partition).

> Make sure iptables is not causing the problem. Run iptables -F on the nfs server and try again.

There is no iptables utility on the embedded linux box.
0
 

Author Comment

by:Risky101
ID: 12405756
> Please check the permission on /. Is it 644. And restart nfsd:
> # exportfs -a
> # service nfs restart

Tried that - same error.
0
 

Author Comment

by:Risky101
ID: 12405804
> Firslty I hope you are doing this on a private network nfs is horribly flawed
> when it comes to security especially if you allow remote root.

Yes, private network, for development only.

> Check the /etc/hosts.allow and /etc/host.deny files to see if anything in there is blocking you.

There is no /etc/hosts.deny, /etc/hosts.allow has the line:
ALL:ALL

> Does /mnt/test exist?

Yes.

> Are the root passwords the same on both boxes? and it not are you authenticating to the remote > box with the correct password.

No, the root passwords are different. I briefly tried changing the root password on the client to be the same as the password on the server - didnt work. How do I authenticate to the remote box with the correct password?
0
 

Author Comment

by:Risky101
ID: 12405810
> Are you sure you want to mount the / (root partition).

> Make sure iptables is not causing the problem. Run iptables -F on the nfs server and try again.

I'll restate this - there is no iptables utility on the nfs server (this is the embedded linux box).
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 12406073
One more thing, could you check the "statd" and "lockd" are running on NFS server?

Wesly
0
 

Author Comment

by:Risky101
ID: 12406269
No, there's not running - are these necessary?
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 12406288
Yes, they are needed.
Please do "service nfslock start" to turn on thes two services
and "chkconfig --level 345 nfslock on" to make it start by boot-up.

Wesly
0
 

Author Comment

by:Risky101
ID: 12407001
Er, are you sure that nfslock is needed? Nfslock is turned off on my Redhat 9.0 box, and it is working as a NFS server right now.

According to "http://packages.debian.org/stable/net/nfs-user-server", "This package contains all necessary programs to make your Linux machine act as an NFS server, being an NFS daemon (rpc.nfsd), a mount daemon (rpc.mountd)."

I am sure that there is some other explanation.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 12407151
OK, nslockd and statd provide file lock feature for multiple processes access the same file at the same time through NFS.
It's more for file integration purpose to avoid multiple writing on the same file and corrupt the file.
For me, it is necessary.

For Debian, I'm not sure.

Wesly
0
 

Author Comment

by:Risky101
ID: 12407274
Thanks for your feedback - I turned it off to try to make things more reliable; theres only two computers on the network and one app running on that directory so it should be ok.

Any other clues as to why its failing?
0
 
LVL 2

Expert Comment

by:hoonexpert
ID: 12418835
First of check what is exported by NFS Server

#showmount –e <remote ip>

1. for Client - Pls ping server and check if its working
2. now # showmount –e <ip addr>

                         OR

#showmount –e <netbios name of server>

3. Next is to if portmapper service is working or not

#rpcinfo –p <ip addr>

Good Luck again.

Manish.
Baroda.
India

0
 

Author Comment

by:Risky101
ID: 12419546
1. Running ping on client:

$ ping 192.168.0.237
$ 64 bytes from 192.168.0.237: icmp_seq=1 ttl=64 time=0.608ms

2. Running showmount on client:

$ showmount -e 192.168.0.237
Export list for 192.168.0.237:
/ *

3. Running rpcinfo on client:

$ rpcinfo -p 192.168.0.237
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    2   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100005    1   udp    625  mountd
    100005    2   udp    625  mountd
    100005    1   tcp    628  mountd
    100005    2   tcp    628  mountd

4. The root password for the client and server is different. Would this stop it working? How can I authenticate across the network?
0
 
LVL 38

Accepted Solution

by:
wesly_chen earned 1000 total points
ID: 12422314
Hi,

   Could you change the nfs share point (/etc/exports) on the server to something other than "/"?
Say
/var *(rw,no_root_squash)
to see you can mount server:/var first.

Wesly
0
 

Author Comment

by:Risky101
ID: 12426992
> Hi,

>    Could you change the nfs share point (/etc/exports) on the server to something other than "/"?
> Say
> /var *(rw,no_root_squash)
> to see you can mount server:/var first.

> Wesly

Same problem - permission denied.

The root passwords on both boxes are different, but I can't figure out how to specify a different password when connecting.
0
 
LVL 2

Expert Comment

by:hoonexpert
ID: 12432031
To whom does the IP pinged belongs to

i mean 192.168.0.237

regards,

Manish.
Baroda
India.
0
 

Author Comment

by:Risky101
ID: 12438324
192.168.0.237 belongs to the NFS server.
192.168.0.35 belongs to the NFS client.
0
 

Author Comment

by:Risky101
ID: 12438333
In the original post, I stated that 192.168.0.200 was the server. Either IP address for the server will do - there is two units.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 12438398
Do you have another Unix/Linux box in the same network?
Could you try to mount from another Unix/Linux box?

Wesly
0
 

Expert Comment

by:squisher
ID: 12446318
You mentioned that it is an embedded box, so maybe this does not apply but have you checked the syslog on the server for any relevant messages?
0
 

Author Comment

by:Risky101
ID: 14352803
I'm closing this, as there doesn't seem to be an answser forthcoming.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question