Can't mount remote share: "failed: permission denied"

Hi,

The following command fails:

mount -t nfs 192.168.0.200:/ /mnt/test

It gives the following failure command:

mount: 192.168.0.200:/ failed, reason given by server: permission denied.

Background:

1. On the machine with the IP address 192.168.0.200, it has daemons /usr/sbin/rpc.nfsd and /usr/sbin/rpc.mountd running.
2. /etc/exports is ok, it is:
/           *(rw,no_root_squash)
Risky101Asked:
Who is Participating?
 
wesly_chenCommented:
Hi,

   Could you change the nfs share point (/etc/exports) on the server to something other than "/"?
Say
/var *(rw,no_root_squash)
to see you can mount server:/var first.

Wesly
0
 
hoonexpertCommented:
Are you sure you want to mount the / (root partition).

Make sure iptables is not causing the problem. Run iptables -F on the nfs server and try again.

Hope it helps

Manish.
Baroda.
India.
0
 
paranoidcookieCommented:
Firslty I hope you are doing this on a private network nfs is horribly flawed when it comes to security especially if you allow remote root.
Check the /etc/hosts.allow and /etc/host.deny files to see if anything in there is blocking you.

Does /mnt/test exist?

Are the root passwords the same on both boxes? and it not are you authenticating to the remote box with the correct password.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
wesly_chenCommented:
Hi,

   Please check the permission on /. Is it 644. And restart nfsd:
# exportfs -a
# service nfs restart

   "no_root_squash" has allowed all root previlege.

Regards,

Wesly
0
 
Risky101Author Commented:
> Are you sure you want to mount the / (root partition).

> Make sure iptables is not causing the problem. Run iptables -F on the nfs server and try again.

There is no iptables utility on the embedded linux box.
0
 
Risky101Author Commented:
> Please check the permission on /. Is it 644. And restart nfsd:
> # exportfs -a
> # service nfs restart

Tried that - same error.
0
 
Risky101Author Commented:
> Firslty I hope you are doing this on a private network nfs is horribly flawed
> when it comes to security especially if you allow remote root.

Yes, private network, for development only.

> Check the /etc/hosts.allow and /etc/host.deny files to see if anything in there is blocking you.

There is no /etc/hosts.deny, /etc/hosts.allow has the line:
ALL:ALL

> Does /mnt/test exist?

Yes.

> Are the root passwords the same on both boxes? and it not are you authenticating to the remote > box with the correct password.

No, the root passwords are different. I briefly tried changing the root password on the client to be the same as the password on the server - didnt work. How do I authenticate to the remote box with the correct password?
0
 
Risky101Author Commented:
> Are you sure you want to mount the / (root partition).

> Make sure iptables is not causing the problem. Run iptables -F on the nfs server and try again.

I'll restate this - there is no iptables utility on the nfs server (this is the embedded linux box).
0
 
wesly_chenCommented:
One more thing, could you check the "statd" and "lockd" are running on NFS server?

Wesly
0
 
Risky101Author Commented:
No, there's not running - are these necessary?
0
 
wesly_chenCommented:
Yes, they are needed.
Please do "service nfslock start" to turn on thes two services
and "chkconfig --level 345 nfslock on" to make it start by boot-up.

Wesly
0
 
Risky101Author Commented:
Er, are you sure that nfslock is needed? Nfslock is turned off on my Redhat 9.0 box, and it is working as a NFS server right now.

According to "http://packages.debian.org/stable/net/nfs-user-server", "This package contains all necessary programs to make your Linux machine act as an NFS server, being an NFS daemon (rpc.nfsd), a mount daemon (rpc.mountd)."

I am sure that there is some other explanation.
0
 
wesly_chenCommented:
OK, nslockd and statd provide file lock feature for multiple processes access the same file at the same time through NFS.
It's more for file integration purpose to avoid multiple writing on the same file and corrupt the file.
For me, it is necessary.

For Debian, I'm not sure.

Wesly
0
 
Risky101Author Commented:
Thanks for your feedback - I turned it off to try to make things more reliable; theres only two computers on the network and one app running on that directory so it should be ok.

Any other clues as to why its failing?
0
 
hoonexpertCommented:
First of check what is exported by NFS Server

#showmount –e <remote ip>

1. for Client - Pls ping server and check if its working
2. now # showmount –e <ip addr>

                         OR

#showmount –e <netbios name of server>

3. Next is to if portmapper service is working or not

#rpcinfo –p <ip addr>

Good Luck again.

Manish.
Baroda.
India

0
 
Risky101Author Commented:
1. Running ping on client:

$ ping 192.168.0.237
$ 64 bytes from 192.168.0.237: icmp_seq=1 ttl=64 time=0.608ms

2. Running showmount on client:

$ showmount -e 192.168.0.237
Export list for 192.168.0.237:
/ *

3. Running rpcinfo on client:

$ rpcinfo -p 192.168.0.237
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    2   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100005    1   udp    625  mountd
    100005    2   udp    625  mountd
    100005    1   tcp    628  mountd
    100005    2   tcp    628  mountd

4. The root password for the client and server is different. Would this stop it working? How can I authenticate across the network?
0
 
Risky101Author Commented:
> Hi,

>    Could you change the nfs share point (/etc/exports) on the server to something other than "/"?
> Say
> /var *(rw,no_root_squash)
> to see you can mount server:/var first.

> Wesly

Same problem - permission denied.

The root passwords on both boxes are different, but I can't figure out how to specify a different password when connecting.
0
 
hoonexpertCommented:
To whom does the IP pinged belongs to

i mean 192.168.0.237

regards,

Manish.
Baroda
India.
0
 
Risky101Author Commented:
192.168.0.237 belongs to the NFS server.
192.168.0.35 belongs to the NFS client.
0
 
Risky101Author Commented:
In the original post, I stated that 192.168.0.200 was the server. Either IP address for the server will do - there is two units.
0
 
wesly_chenCommented:
Do you have another Unix/Linux box in the same network?
Could you try to mount from another Unix/Linux box?

Wesly
0
 
squisherCommented:
You mentioned that it is an embedded box, so maybe this does not apply but have you checked the syslog on the server for any relevant messages?
0
 
Risky101Author Commented:
I'm closing this, as there doesn't seem to be an answser forthcoming.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.