Link to home
Start Free TrialLog in
Avatar of CEHJ
CEHJFlag for United Kingdom of Great Britain and Northern Ireland

asked on

NFS denying access to root

Despite specifying no_root_squash, root most definitely is getting squashed. This makes it difficult when i need to access the share as root (e.g. with Clonezilla).

Access denied to tree /bk. /etc/exports is
# /etc/exports: the access control list for filesystems which may be exported
#		to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync) hostname2(ro,sync)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt)
# /srv/nfs4/homes  gss/krb5i(rw,sync)
#
#/		192.168.1.0/24(rw,sync,crossmnt)
/		192.168.1.0/24(rw,sync,no_root_squash,crossmnt)
/bk		192.168.1.0/24(rw,sync,no_root_squash,crossmnt)
#/bk		192.168.1.0/24(rw,sync,crossmnt)
/mnt/mp3	192.168.1.0/24(rw,sync,crossmnt)

Open in new window

Avatar of arnold
arnold
Flag of United States of America image
You need to add root=192.168.1.0/24 (rw) to the line of the NFS share you want. Or limit the systems from which these NFS partitions can be accessed as root.
Squashing and not squashing means one thing.  Granting root access is another setting.
Avatar of CEHJ
CEHJ
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

You need to add root=192.168.1.0/24 (rw) to the line of the NFS share you want.
Sorry - not quite with you there. Do you mean in /etc/exports? If so, could you show me how the file should look?
Avatar of arnold
arnold
Flag of United States of America image
At the end of each of the lines 12,13

,root=192.168.1.0/24 (rw)

Then run exportfs -a to have the change applied.
Avatar of CEHJ
CEHJ
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

exportfs: /etc/exports:1: syntax error: bad option list

shell returned 22

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of arnold
arnold
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of CEHJ
CEHJ
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

I don't think so. No sestatus command available to root, though there are seemingly 'remnants' e.g.

/lib/libselinux.so.1

what error are you getting when mounting or trying to access? 

goose@vaio:/tmp$ sudo ll h/bk/goose/clients/johnson/me/thinkstn-sysinfo.txt.gz
ls: cannot access h/bk/goose/clients/johnson/me/thinkstn-sysinfo.txt.gz: Permission denied

Open in new window

Avatar of CEHJ
CEHJ
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

I' m wondering if it might be because the principal (not root) user has got a sshfs mount at the same time (PKI only). Going to test that
SOLUTION
Avatar of CEHJ
CEHJ
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of CEHJ
CEHJ
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Thanks for the help