After installing 9.2 on both a server and a client, I started nfs on the server without problems, but attempting to start it on the client turned up a "permission denied" message. The last time I used nfs, if memory serves, was on 9.0, and the same /etc/exports file and entries into /etc/fstab on the client were successful. /etc/exports was a simple: * /home (rw,no_root_squash) * /var (rw,no_root_squash) /etc/fstab on the client side: suseutil:/var /var/suseutil.var nfs defaults 0 0 suseutil:/home /home/suseutil.home nfs defaults 0 0 As I said, these entries have worked with past SuSE versions. My conclusion is that SuSE has tightened something. Does anyone know what it is or where I should start looking?
On Thursday 25 November 2004 09:39, Tim Hanson wrote:
After installing 9.2 on both a server and a client, I started nfs on the server without problems, but attempting to start it on the client turned up a "permission denied" message.
The last time I used nfs, if memory serves, was on 9.0, and the same /etc/exports file and entries into /etc/fstab on the client were successful. /etc/exports was a simple:
* /home (rw,no_root_squash) * /var (rw,no_root_squash)
Shouldn't this be: /home *(rw,no_root_squash,async) /var *(rw,no_root_squash,async) ? In my experience, NFS is sensitive to having a working DNS, complete with reverse look-ups. But in this particular setup, it should work without one. Look in /var/log/messages on the server after you attempt mounting from the client.
* /home (rw,no_root_squash) * /var (rw,no_root_squash)
Shouldn't this be:
/home *(rw,no_root_squash,async) /var *(rw,no_root_squash,async)
Yup.
In my experience, NFS is sensitive to having a working DNS, complete with reverse look-ups. But in this particular setup, it should work without one.
Look in /var/log/messages on the server after you attempt mounting from the client.
It wasn't all that helpful: Nov 25 00:57:20 suseutil mountd[4657]: NFS mount of /var attempted from 192.168.1.3 Nov 25 00:57:20 suseutil mountd[4657]: Unauthorized access by NFS client 192.168.1.3. Nov 25 00:57:20 suseutil mountd[4657]: Blocked attempt of 192.168.1.3 to mount /var Nov 25 00:57:20 suseutil mountd[4657]: NFS mount of /home attempted from 192.168.1.3 Nov 25 00:57:20 suseutil mountd[4657]: Unauthorized access by NFS client 192.168.1.3. Nov 25 00:57:20 suseutil mountd[4657]: Blocked attempt of 192.168.1.3 to mount /home Nov 25 00:58:53 suseutil sshd[4961]: Accepted keyboard-interactive/pam for root from ::ffff:192.1 68.1.3 port 33031 ssh2
On Thursday 25 November 2004 10:06, Tim Hanson wrote:
* /home (rw,no_root_squash) * /var (rw,no_root_squash)
Shouldn't this be:
/home *(rw,no_root_squash,async) /var *(rw,no_root_squash,async)
Yup.
Note that * matches hostnames, not IP addresses. If you don't have a DNS resolution of the host names, use 0/0 to mean "all hosts", or 192.168.1.0/24 to mean "all hosts in the 192.168.1.* network"
On Thu, 2004-11-25 at 19:41 +0100, Anders Johansson wrote:
Note that * matches hostnames, not IP addresses. If you don't have a DNS resolution of the host names, use 0/0 to mean "all hosts", or 192.168.1.0/24 to mean "all hosts in the 192.168.1.* network"
Okay, something worked. I set up /etc/hosts on both computers (I'll do a full DNS setup later). In /etc/exports, I left the "hosts" field completely blank. On the client, I replaced the IP addresses in /etc/fstab with names. Finally, I rebooted the client to make absolutely sure /etc/fstab would be read. I'm going to start adding things back one at a time. I've never worked with BIND 9 before, only BIND 8, but now's a good time to learn. I'm also going to tackle NIS.
On Friday 26 November 2004 00:51, Tim Hanson wrote:
On Thu, 2004-11-25 at 19:41 +0100, Anders Johansson wrote:
Note that * matches hostnames, not IP addresses. If you don't have a DNS resolution of the host names, use 0/0 to mean "all hosts", or 192.168.1.0/24 to mean "all hosts in the 192.168.1.* network"
I did not see Anders' response on the list - just your reply to him. But glad you got this working.
Okay, something worked. I set up /etc/hosts on both computers (I'll do a full DNS setup later). In /etc/exports, I left the "hosts" field completely blank. On the client, I replaced the IP addresses in /etc/fstab with names. Finally, I rebooted the client to make absolutely sure /etc/fstab would be read.
rcnetwork restart as root should do the trick - this ain't Windows!
I'm going to start adding things back one at a time. I've never worked with BIND 9 before, only BIND 8, but now's a good time to learn. I'm also going to tackle NIS.
Don -- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
On Thursday 25 November 2004 01:39 am, Tim Hanson wrote:
After installing 9.2 on both a server and a client, I started nfs on the server without problems, but attempting to start it on the client turned up a "permission denied" message.
The last time I used nfs, if memory serves, was on 9.0, and the same /etc/exports file and entries into /etc/fstab on the client were successful. /etc/exports was a simple:
* /home (rw,no_root_squash) * /var (rw,no_root_squash)
/etc/fstab on the client side:
suseutil:/var /var/suseutil.var nfs defaults 0 0 suseutil:/home /home/suseutil.home nfs defaults 0 0
As I said, these entries have worked with past SuSE versions. My conclusion is that SuSE has tightened something. Does anyone know what it is or where I should start looking?
In the export file try specifying the network/netmask that can access the share instead of the '*'. One of my entries: /shared 192.168.1.0/255.255.255.0(insecure,no_root_squash,rw) I'm not sure the 'insecure' is needed. I was in a hurry and just trying to get it work at the time. Since it's a local network behind a firewall, I just haven't tried it without the 'insecure' yet. Hope that helps Doug
torsdag 25 november 2004 15:09 skrev Doug B:
I'm not sure the 'insecure' is needed. I was in a hurry and just trying to get it work at the time. Since it's a local network behind a firewall, I just haven't tried it without the 'insecure' yet.
I found one "weird" thing with my 9.2 box here, and that is when NFS was started, it would result in "permission denied" from the clients. If I went into YaST and had YaST start it (after setting up some NFS parameters), then it was ok. Weird!
participants (6)
-
Anders Johansson
-
Don Parris
-
Doug B
-
Silviu Marin-Caea
-
Tim Hanson
-
Örn Hansen