-
#1
Hi to all Proxmox fans!
I updated to the latest Version of Proxmox and after that
I could not mount same nfs share as before.
‘mount error: mount.nfs: an incorrect mount option was specified (500)’
Working nfs mounting:
pveversion -v
proxmox-ve-2.6.32: 3.1-114 (running kernel: 2.6.32-26-pve)
pve-manager: 3.1-24 (running version: 3.1-24/060bd5a6)
pve-kernel-2.6.32-20-pve: 2.6.32-100
pve-kernel-2.6.32-19-pve: 2.6.32-96
pve-kernel-2.6.32-24-pve: 2.6.32-111
pve-kernel-2.6.32-22-pve: 2.6.32-107
pve-kernel-2.6.32-14-pve: 2.6.32-74
pve-kernel-2.6.32-26-pve: 2.6.32-114
pve-kernel-2.6.32-23-pve: 2.6.32-109
lvm2: 2.02.98-pve4
clvm: 2.02.98-pve4
corosync-pve: 1.4.5-1
openais-pve: 1.1.4-3
libqb0: 0.11.1-2
redhat-cluster-pve: 3.2.0-2
resource-agents-pve: 3.9.2-4
fence-agents-pve: 4.0.0-2
pve-cluster: 3.0-8
qemu-server: 3.1-8
pve-firmware: 1.0-23
libpve-common-perl: 3.0-9
libpve-access-control: 3.0-8
libpve-storage-perl: 3.0-18
pve-libspice-server1: 0.12.4-2
vncterm: 1.1-6
vzctl: 4.0-1pve4
vzprocps: 2.0.11-2
vzquota: 3.1-2
pve-qemu-kvm: 1.4-17
ksm-control-daemon: 1.1-1
glusterfs-client: 3.4.1-1
Not working nfs mounting:
pveversion -v
proxmox-ve-2.6.32: 3.1-121 (running kernel: 2.6.32-27-pve)
pve-manager: 3.1-43 (running version: 3.1-43/1d4b0dfb)
pve-kernel-2.6.32-20-pve: 2.6.32-100
pve-kernel-2.6.32-27-pve: 2.6.32-121
pve-kernel-2.6.32-19-pve: 2.6.32-96
pve-kernel-2.6.32-24-pve: 2.6.32-111
pve-kernel-2.6.32-25-pve: 2.6.32-113
pve-kernel-2.6.32-22-pve: 2.6.32-107
pve-kernel-2.6.32-26-pve: 2.6.32-114
pve-kernel-2.6.32-23-pve: 2.6.32-109
lvm2: 2.02.98-pve4
clvm: 2.02.98-pve4
corosync-pve: 1.4.5-1
openais-pve: 1.1.4-3
libqb0: 0.11.1-2
redhat-cluster-pve: 3.2.0-2
resource-agents-pve: 3.9.2-4
fence-agents-pve: 4.0.5-1
pve-cluster: 3.0-12
qemu-server: 3.1-15
pve-firmware: 1.1-2
libpve-common-perl: 3.0-13
libpve-access-control: 3.0-11
libpve-storage-perl: 3.0-19
pve-libspice-server1: 0.12.4-3
vncterm: 1.1-6
vzctl: 4.0-1pve4
vzprocps: 2.0.11-2
vzquota: 3.1-2
pve-qemu-kvm: 1.7-4
ksm-control-daemon: 1.1-1
glusterfs-client: 3.4.2-1
If I try it on prompt:
root@proxmox:~# mount.nfs -v NFS-SERVER:/Sicherung /mnt/pve/NAS-NFS/ -o vers=3,nolock -vvv
mount.nfs: timeout set for Wed Feb 19 15:31:20 2014
mount.nfs: trying text-based options ‘vers=3,nolock,addr=NFS-SERVER’
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying NFS-SERVER prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying NFS-SERVER prog 100005 vers 3 prot UDP port 45924
cat /etc/pve/storage.cfg
dir: local
path /var/lib/vz
content images,iso,vztmpl,rootdir
nfs: NFS-NAS
path /mnt/pve/NFS-NAS
server NFS-SERVER
export /Sicherung
options vers=3
content backup
maxfiles 1
Any ideas?
Greets
Last edited: Feb 19, 2014
-
#2
Re: NFS-Storage mount error 500 after Update
Ok.
When I change storage.cfg to
options vers=3,nolock
it works again.
-
#3
Re: NFS-Storage mount error 500 after Update
I had the same problem, except I did not have an NFS share before, I configured it freshly.
But adding nolock to storage.cfg worked.
Thanks for sharing your solution!
-
#4
I have something similar
Create storage failed: error with cfs lock ‘file-storage_cfg’: mount error: mount.nfs: access denied by server while mounting 192.168.1.15:/mnt/NFS (500).
Somebody have idea?
-
#5
I have something similar
Create storage failed: error with cfs lock ‘file-storage_cfg’: mount error: mount.nfs: access denied by server while mounting 192.168.1.15:/mnt/NFS (500).
Somebody have idea?
same problem here. Any solution’s yet?
Edit: solvet it with command «insecure» on the server side. was some error about illegal port.
is this a bad solution?
Last edited: Jun 7, 2018
-
#6
Proxmox VE 3.x is not more supported, so please update to a supported version.
Problem
Mounting the nfs share from CentOS/RHEL NFS server on a NFS client gives error as shown below:
# mount -t nfs x.x.x.x:/share /mnt mount.nfs: access denied by server while mounting x.x.x.x:/share
You can try running the mount command with the verbose option to get an detailed error on the issue.
# mount -t nfs -vvvv server.example.com:/share /mnt mount.nfs: timeout set for Fri Mar 9 17:56:57 2018 mount.nfs: trying text-based options 'vers=4.1,addr=x.x.x.x,clientaddr=x.x.x.x' mount.nfs: mount(2): Protocol not supported mount.nfs: trying text-based options 'vers=4.0,addr=x.x.x.x,clientaddr=x.x.x.x' mount.nfs: mount(2): Protocol not supported mount.nfs: trying text-based options 'addr=x.x.x.x' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying x.x.x.x prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=17 mount.nfs: trying x.x.x.x prog 100005 vers 3 prot UDP port 300 mount.nfs: mount(2): Permission denied mount.nfs: access denied by server while mounting server.example.com:/share
Solution
This is a generic issue with NFS mounting at client and can occur due to many issues. Below are some of the most commonly occuring issues.
1. Try mounting with NFSv3
Sometimes the NFS server may only support NFSv3 connections. By default the mount command uses NFSv4, which may result is the error. To avoid this specify the NFSv3 while mounting the share.
# mount -t nfs -o nfsvers=3 x.x.x.x:/share /mnt
2. Check /etc/exports for correct share options
Ensure /etc/exports is properly referring to the correct NFS client information for providing access. Some NFS servers require NFS client name to be resolvable to IP, thus it should be resolvable via DNS or specified in /etc/hosts of the NFS server.. The format of the /etc/exports file is:
dir client1 (options) [client2(options)...]
Client options include (defaults are listed first):
ro / rw :
a) ro : allow clients read only access to the share.
b) rw : allow clients read write access to the share.
sync / async :
a) sync : NFS server replies to request only after changes made by previous request are written to disk.
b) async : specifies that the server does not have to wait.
wdelay / no_wdelay
a) wdelay : NFS server delays committing write requests when it suspects another write request is imminent.
b) no_wdelay : use this option to disable to the delay. no_wdelay option can only be enabled if default sync option is enabled.
no_all_squash / all_squash :
a) no_all_squash : does not change the mapping of remote users.
b) all_squash : to squash all remote users including root.
root_squash / no_root_squash :
a) root_squash : prevent root users connected remotely from having root access. Effectively squashing remote root privileges.
b) no_root_squash : disable root squashing.
Example :
# vi /etc/exports /test nfs_client(rw)
3. Check NFS server permissions
– There could be issue with the NFS server sharing the NFS share. Try mounting the problematic share on another NFS client, to rule out the possibility of issue at NFS server.
– Set the permission as (ro,no_root_squash,sync) for nfs export on server end and run command:
Then try to mount the NFS share directory. If specifying the NFS client in /etc/exports by domain or hostname ensure the domain name maps to the correct IP, an incorrect entry in /etc/hosts for example could cause access to be denied.
4. Using tcpdump
In very rare cases, you may have to use the tcpdump to capture tcpdump of the mount operation. Run the below command first to start capturing the network packets. In another terminal start the NFS mount operation.
# tcpdump -s0 -i [eth#] host [nfs_server_ip] -w /tmp/tcpdump.pcap
Содержание
- [Solved] NFS-Storage mount error 500 after Update
- Kalle Wisch
- [SOLVED] nfs mount error
- BP2010
- CentOS
- [solved]NFS mount.nfs: access denied by server while mountin
- [solved]NFS mount.nfs: access denied by server while mountin
- Re: NFS mount.nfs: access denied by server while mounting
- Re: NFS mount.nfs: access denied by server while mounting
- Re: NFS mount.nfs: access denied by server while mounting
- Re: NFS mount.nfs: access denied by server while mounting
- Re: NFS mount.nfs: access denied by server while mounting
- “mount.nfs: access denied by server while mounting” – how to resolve
- Problem
- Solution
- 1. Try mounting with NFSv3
- 2. Check /etc/exports for correct share options
- 3. Check NFS server permissions
- 4. Using tcpdump
- mount.nfs: access denied by server while mounting
[Solved] NFS-Storage mount error 500 after Update
Kalle Wisch
New Member
Hi to all Proxmox fans!
I updated to the latest Version of Proxmox and after that
I could not mount same nfs share as before.
‘mount error: mount.nfs: an incorrect mount option was specified (500)’
Working nfs mounting:
pveversion -v
proxmox-ve-2.6.32: 3.1-114 (running kernel: 2.6.32-26-pve)
pve-manager: 3.1-24 (running version: 3.1-24/060bd5a6)
pve-kernel-2.6.32-20-pve: 2.6.32-100
pve-kernel-2.6.32-19-pve: 2.6.32-96
pve-kernel-2.6.32-24-pve: 2.6.32-111
pve-kernel-2.6.32-22-pve: 2.6.32-107
pve-kernel-2.6.32-14-pve: 2.6.32-74
pve-kernel-2.6.32-26-pve: 2.6.32-114
pve-kernel-2.6.32-23-pve: 2.6.32-109
lvm2: 2.02.98-pve4
clvm: 2.02.98-pve4
corosync-pve: 1.4.5-1
openais-pve: 1.1.4-3
libqb0: 0.11.1-2
redhat-cluster-pve: 3.2.0-2
resource-agents-pve: 3.9.2-4
fence-agents-pve: 4.0.0-2
pve-cluster: 3.0-8
qemu-server: 3.1-8
pve-firmware: 1.0-23
libpve-common-perl: 3.0-9
libpve-access-control: 3.0-8
libpve-storage-perl: 3.0-18
pve-libspice-server1: 0.12.4-2
vncterm: 1.1-6
vzctl: 4.0-1pve4
vzprocps: 2.0.11-2
vzquota: 3.1-2
pve-qemu-kvm: 1.4-17
ksm-control-daemon: 1.1-1
glusterfs-client: 3.4.1-1
Not working nfs mounting:
pveversion -v
proxmox-ve-2.6.32: 3.1-121 (running kernel: 2.6.32-27-pve)
pve-manager: 3.1-43 (running version: 3.1-43/1d4b0dfb)
pve-kernel-2.6.32-20-pve: 2.6.32-100
pve-kernel-2.6.32-27-pve: 2.6.32-121
pve-kernel-2.6.32-19-pve: 2.6.32-96
pve-kernel-2.6.32-24-pve: 2.6.32-111
pve-kernel-2.6.32-25-pve: 2.6.32-113
pve-kernel-2.6.32-22-pve: 2.6.32-107
pve-kernel-2.6.32-26-pve: 2.6.32-114
pve-kernel-2.6.32-23-pve: 2.6.32-109
lvm2: 2.02.98-pve4
clvm: 2.02.98-pve4
corosync-pve: 1.4.5-1
openais-pve: 1.1.4-3
libqb0: 0.11.1-2
redhat-cluster-pve: 3.2.0-2
resource-agents-pve: 3.9.2-4
fence-agents-pve: 4.0.5-1
pve-cluster: 3.0-12
qemu-server: 3.1-15
pve-firmware: 1.1-2
libpve-common-perl: 3.0-13
libpve-access-control: 3.0-11
libpve-storage-perl: 3.0-19
pve-libspice-server1: 0.12.4-3
vncterm: 1.1-6
vzctl: 4.0-1pve4
vzprocps: 2.0.11-2
vzquota: 3.1-2
pve-qemu-kvm: 1.7-4
ksm-control-daemon: 1.1-1
glusterfs-client: 3.4.2-1
If I try it on prompt:
root@proxmox:
# mount.nfs -v NFS-SERVER:/Sicherung /mnt/pve/NAS-NFS/ -o vers=3,nolock -vvv
mount.nfs: timeout set for Wed Feb 19 15:31:20 2014
mount.nfs: trying text-based options ‘vers=3,nolock,addr=NFS-SERVER’
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying NFS-SERVER prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying NFS-SERVER prog 100005 vers 3 prot UDP port 45924
cat /etc/pve/storage.cfg
dir: local
path /var/lib/vz
content images,iso,vztmpl,rootdir
nfs: NFS-NAS
path /mnt/pve/NFS-NAS
server NFS-SERVER
export /Sicherung
options vers=3
content backup
maxfiles 1
Источник
[SOLVED] nfs mount error
BP2010
Member
I have setup a folder on my Synology NAS to backup my ProxMox server. Everything worked perfect until I had to change the location of my NAS.
I got a new IP Address and an error:
mount error: mount.nfs: access denied by server while mounting 192.168.1.142:/volume1/Ordination (500)
I changed the IP address at /etc/pve/storage.cfg
cat /etc/pve/storage.cfg
dir: local
path /var/lib/vz
content vztmpl,iso,backup
lvmthin: local-lvm
thinpool data
vgname pve
content images,rootdir
nfs: Backup
export /volume1/Ordination
path /mnt/pve/Backup
server 192.168.1.142
content backup
maxfiles 5
zfspool: ZFS-MCW-Pool
pool myPool/MCW
content rootdir,images
sparse 0
pveversion -v
proxmox-ve: 6.0-2 (running kernel: 5.0.21-1-pve)
pve-manager: 6.0-6 (running version: 6.0-6/c71f879f)
pve-kernel-5.0: 6.0-7
pve-kernel-helper: 6.0-7
pve-kernel-4.15: 5.4-8
pve-kernel-5.0.21-1-pve: 5.0.21-2
pve-kernel-4.15.18-20-pve: 4.15.18-46
pve-kernel-4.15.18-9-pve: 4.15.18-30
ceph-fuse: 12.2.12-pve1
corosync: 3.0.2-pve2
criu: 3.11-3
glusterfs-client: 5.5-3
ksm-control-daemon: 1.3-1
libjs-extjs: 6.0.1-10
libknet1: 1.11-pve1
libpve-access-control: 6.0-2
libpve-apiclient-perl: 3.0-2
libpve-common-perl: 6.0-4
libpve-guest-common-perl: 3.0-1
libpve-http-server-perl: 3.0-2
libpve-storage-perl: 6.0-7
libqb0: 1.0.5-1
lvm2: 2.03.02-pve3
lxc-pve: 3.1.0-64
lxcfs: 3.0.3-pve60
novnc-pve: 1.0.0-60
proxmox-mini-journalreader: 1.1-1
proxmox-widget-toolkit: 2.0-7
pve-cluster: 6.0-7
pve-container: 3.0-5
pve-docs: 6.0-4
pve-edk2-firmware: 2.20190614-1
pve-firewall: 4.0-7
pve-firmware: 3.0-2
pve-ha-manager: 3.0-2
pve-i18n: 2.0-2
pve-qemu-kvm: 4.0.0-5
pve-xtermjs: 3.13.2-1
qemu-server: 6.0-7
smartmontools: 7.0-pve2
spiceterm: 3.1-1
vncterm: 1.6-1
zfsutils-linux: 0.8.1-pve2
But the error still appears.
Obviously, I am doing something wrong. Is there another place where I have to change the ip address? Any help would be appreciated.
Источник
CentOS
The Community ENTerprise Operating System
[solved]NFS mount.nfs: access denied by server while mountin
[solved]NFS mount.nfs: access denied by server while mountin
Post by ras123 » 2016/03/01 05:43:13
Previously, the client was a RHEL4 computer, now installed a fresh centos 6.7, after that I couldn’t mount using NFS.
Re: NFS mount.nfs: access denied by server while mounting
Post by TrevorH » 2016/03/01 07:49:16
Re: NFS mount.nfs: access denied by server while mounting
Post by ras123 » 2016/03/01 07:56:42
Re: NFS mount.nfs: access denied by server while mounting
Post by TrevorH » 2016/03/01 08:28:51
Isn’t that missing a leading / on the «exports» portion?
Does the client have more than one ip address?
Re: NFS mount.nfs: access denied by server while mounting
Post by ras123 » 2016/03/01 09:59:11
Hi,
it is /exports, ‘/’ not missed.
Client has not more than one ip, the if config returns:
Re: NFS mount.nfs: access denied by server while mounting
Post by ras123 » 2016/03/01 23:21:15
where user name (on both computer user name is same), and is local network ip.
Источник
“mount.nfs: access denied by server while mounting” – how to resolve
Problem
Mounting the nfs share from CentOS/RHEL NFS server on a NFS client gives error as shown below:
You can try running the mount command with the verbose option to get an detailed error on the issue.
Solution
This is a generic issue with NFS mounting at client and can occur due to many issues. Below are some of the most commonly occuring issues.
1. Try mounting with NFSv3
Sometimes the NFS server may only support NFSv3 connections. By default the mount command uses NFSv4, which may result is the error. To avoid this specify the NFSv3 while mounting the share.
Ensure /etc/exports is properly referring to the correct NFS client information for providing access. Some NFS servers require NFS client name to be resolvable to IP, thus it should be resolvable via DNS or specified in /etc/hosts of the NFS server.. The format of the /etc/exports file is:
Client options include (defaults are listed first):
ro / rw :
a) ro : allow clients read only access to the share.
b) rw : allow clients read write access to the share.
sync / async :
a) sync : NFS server replies to request only after changes made by previous request are written to disk.
b) async : specifies that the server does not have to wait.
wdelay / no_wdelay
a) wdelay : NFS server delays committing write requests when it suspects another write request is imminent.
b) no_wdelay : use this option to disable to the delay. no_wdelay option can only be enabled if default sync option is enabled.
no_all_squash / all_squash :
a) no_all_squash : does not change the mapping of remote users.
b) all_squash : to squash all remote users including root.
root_squash / no_root_squash :
a) root_squash : prevent root users connected remotely from having root access. Effectively squashing remote root privileges.
b) no_root_squash : disable root squashing.
3. Check NFS server permissions
– There could be issue with the NFS server sharing the NFS share. Try mounting the problematic share on another NFS client, to rule out the possibility of issue at NFS server.
– Set the permission as (ro,no_root_squash,sync) for nfs export on server end and run command:
Then try to mount the NFS share directory. If specifying the NFS client in /etc/exports by domain or hostname ensure the domain name maps to the correct IP, an incorrect entry in /etc/hosts for example could cause access to be denied.
4. Using tcpdump
In very rare cases, you may have to use the tcpdump to capture tcpdump of the mount operation. Run the below command first to start capturing the network packets. In another terminal start the NFS mount operation.
Источник
mount.nfs: access denied by server while mounting
I have a problem I have been googling for at least 6 hours 28 hours with no luck. Whenever I try to mount a directory I get the following error (verbose version at end):
mount.nfs: access denied by server while mounting :
Initally I was using computer1 as the nfs server, but I have moved it over to computer2 and I am trying to mount on computers3-8 . As a further note, computer2 is now acting as the dhcp router for all other computers (even computer1 ), but I am almost certain that the problem has to do with computer2 ‘s nfs settings as I have tried the following:
- Try mounting a folder from the original computer1 server to one of the computers3-8 clients — SUCCESS
- Try mounting a folder from the original computer1 server to the new computer2 server — SUCCESS
- Try mounting a folder from the new computer2 server to one of the computers3-8 clients — FAILURE
- Try mounting a folder from the new computer2 server to the old computer1 server — FAILURE
- Try exporting then mounting any other folder on computer2 — FAILURE
- ssh to and from computer2 — SUCCESS
In addition to this, I have also checked to make sure that the relevant parts of the /etc/exports file do not have any mistakes. Therefore, I am almost absolutely certain this is not a permission issue.
Question: Given that this is not a network error, can anyone advise me as to how I can start debugging this problem.
Verbose output:
Verbose Output2:
Here is a more direct approach which isolates the mount to only the directory in question here:
I had come across this rpc.statd is not running but is required for remote locking error before, but all the googling in the world did not help me at all.
EDIT:
Chaos asked me to execute the following commands and display the results:
First on the server:
And then on the client
EDIT 2:
Chaos asked me to further execute the following commands and display the results:
Here is my /etc/exports file on the server. As you can see I am trying to use its name as defined in /etc/hosts , its ip address, and I am also trying to different folders to export. All other lines I omitted as they are just duplicates of the last line, just redirected to different raspis.
Here is my /etc/fstab file on my raspi5 client
EDIT 3:
Following some of the advice here I also set the insecure flag in exports, but to no avail, and here is the output of rpcinfo -p on the client and the server:
EDIT 4:
Further following some of the advice here I have gotten the following debugging logs:
EDIT 5:
I’ve made some progress and have deduced the following
- It’s not a port issue as client can telnet into host telnet 192.168.7.1 2049
- It’s probably not a network issue as the server can not even mount to itself
- The old version which supported (and still supports) mounting was running nfs-kernel-server 1:1.2.4-1 whereas the new server which does not support mounting is running nfs-kernel-server 1:1.2.8-2
- The command sudo /etc/init.d/portmap restart works on the old server, but not the new server, which tells me that I am missing portmap on the new server. However, when I try to install it via sudo apt-get install portmap , it tells me Note, selecting ‘rpcbind’ instead of ‘portmap’, and that rpcbind is already the newest version`
Edit 6:
Here is the output of iptables -L on my server:
Источник
Environment
- Red Hat Enterprise Linux (RHEL) 6, 7
- NFS
Issue
-
Error is seen in the log:
<hostname> mount: mount.nfs: access denied by server while mounting *.*.*.*:/home/share
Resolution
-
Include insecure option in
/etc/exportson NFS server like below:# cat /etc/exports /home/export *(rw,sync,no_root_squash,insecure) -
Re-export the share:
# exportfs -rav -
Try to mount the NFS share on NFS client.
- Ensure share is being exported to client in question. Mounting the nfs share from a RHEL NFS server giver error «mount.nfs: access denied by server while mounting»
Note: Share should be unmounted from all the clients before making any configuration changes on the NFS server else the share will become stale
Root Cause
-
Reserved ports are TCP/UDP ports from
0to1024for privileged services and designated as well-known ports. -
Below error was captured in log which means that NFS server requires a secure port:
<hostname> rpc.mountd[8111]: refused mount request from *.*.*.* for /home/export (/home/export): illegal port 21645
Diagnostic Steps
- NFS Server is pingable and able to
telnetto port2049and111. - The
showmount -e <nfs server ip>command gets hung. showmount -e <nfs_server_ip>comes back with no shares available(blank)
# showmount -e 1 <nfs-server-ip>
Export list for <nfs-server-ip>
- Should appear with shares like so
# showmount -e <nfs-server-ip>
Export list for <nfs-server-ip>
/home 192.168.122.0/24
/export-1 192.168.122.0/24
/export2 192.168.122.0/24
rpcinfo -p <nfs server ip>displays list of all registered RPC programs. Verify that the needed services needed have the version being used (v3, v4, etc)
# rpcinfo -p <nfs-server-ip>
program vers proto port service
100000 2 udp 111 portmapper
100000 2 tcp 111 portmapper
100000 3 udp 111 portmapper
100000 3 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 4 tcp 111 portmapper
100003 3 udp 2049 nfs
100003 3 tcp 2049 nfs
100005 1 udp 635 mountd
100005 2 udp 635 mountd
100005 3 udp 635 mountd
100005 1 tcp 635 mountd
100005 2 tcp 635 mountd
100005 3 tcp 635 mountd
100021 4 udp 4045 nlockmgr
100021 4 tcp 4045 nlockmgr
100024 1 udp 4046 status
100024 1 tcp 4046 status
- Try to mount with NFS version 3 but still it failed with error «access denied».
- Check
/var/lib/nfs/etabat NFS share that share is exported or not. -
Tcpdump analysis:
# tshark -tad -n -r clien.pcap -Y 'frame.number == 500' -O rpc | sed '/^Re/,$ !d' Remote Procedure Call, Type:Reply XID:0x3f510e1b Fragment header: Last fragment, 20 bytes 1... .... .... .... .... .... .... .... = Last Fragment: Yes .000 0000 0000 0000 0000 0000 0001 0100 = Fragment Length: 20 XID: 0x3f510e1b (1062276635) Message Type: Reply (1) [Program: NFS (100003)] [Program Version: 4] [Procedure: COMPOUND (1)] Reply State: denied (1) [This is a reply to a request in frame 498] [Time from request: 0.000611000 seconds] Reject State: AUTH_ERROR (1) <===== Error Auth State: bad credential (seal broken) (1)
The nfs-server can not authenticate the NFS client.
-
Further
tcpdumpanalysis# tshark -tad -nr client.pcap -Y nfs.status!=0 20 2018-12-18 13:46:46.377409 *.*.*.* → *.*.*.* NFS 144 V4 Reply (Call In 12) PUTROOTFH | GETATTR Status: NFS4ERR_PERM
NFS4ERR_PERM indicates that the requester is not the owner. The operation was not allowed because the caller is neither a privileged user (root) nor the owner of the target of the operation.
-
Product(s)
- Red Hat Enterprise Linux
-
Component
- nfs-utils
-
Category
- Troubleshoot
-
Tags
- file_systems
- nfs3
- nfs4
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
-
ras123
- Posts: 15
- Joined: 2016/03/01 05:32:36
[solved]NFS mount.nfs: access denied by server while mountin
Hi,
Setup NFS but when trying to mount getting the following errors
Code: Select all
mount.nfs: access denied by server while mounting <server ip>:/exportsThe
command returns the following
So I guess, iptables and nfs are running properly.
I tried to mount in many ways like
Code: Select all
sudo mount <server ip>:/exports ~/exports/ ,with -t nfs4, specifying port=2049,protocol=tcp etc
Previously, the client was a RHEL4 computer, now installed a fresh centos 6.7, after that I couldn’t mount using NFS.
Last edited by ras123 on 2016/03/03 00:58:00, edited 1 time in total.
-
TrevorH
- Site Admin
- Posts: 32527
- Joined: 2009/09/24 10:40:56
- Location: Brighton, UK
Re: NFS mount.nfs: access denied by server while mounting
Post
by TrevorH » 2016/03/01 07:49:16
Post the contents of /etc/exports from the server along with the ip addresses of both server and client.
-
ras123
- Posts: 15
- Joined: 2016/03/01 05:32:36
Re: NFS mount.nfs: access denied by server while mounting
Post
by ras123 » 2016/03/01 07:56:42
Server
Code: Select all
exports <client ip>(rw,sync,fsid=0)where <client ip> and <server ip> are the local network ip address, and no space after ip address above. I can ssh to client from server or vice versa.
Should I need to edit /etc/exports in client side? It is a blank file now.
-
TrevorH
- Site Admin
- Posts: 32527
- Joined: 2009/09/24 10:40:56
- Location: Brighton, UK
Re: NFS mount.nfs: access denied by server while mounting
Post
by TrevorH » 2016/03/01 08:28:51
Isn’t that missing a leading / on the «exports» portion?
Does the client have more than one ip address?
-
ras123
- Posts: 15
- Joined: 2016/03/01 05:32:36
Re: NFS mount.nfs: access denied by server while mounting
Post
by ras123 » 2016/03/01 09:59:11
Hi,
it is /exports, ‘/’ not missed.
Client has not more than one ip, the if config returns:
Code: Select all
eth0 Link encap:Ethernet HWaddr <mac address>
inet addr:<ip address> Bcast:<b cast> Mask:255.255.248.0
inet6 addr: <inet 6 address> Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6254421 errors:0 dropped:0 overruns:0 frame:0
TX packets:2070797 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8863558382 (8.2 GiB) TX bytes:184867182 (176.3 MiB)
Interrupt:17
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:449414 errors:0 dropped:0 overruns:0 frame:0
TX packets:449414 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:49585530 (47.2 MiB) TX bytes:49585530 (47.2 MiB)Previously, the server and clients were centos 6.7 and RHEL 4 respectively, working perfectly, and now I installed cent os 6.7 in client, then this problem started. The server and client has same user account, and I am trying to mount directory in home folder, created with mkdir -p. Also changed the permission to 777.
-
ras123
- Posts: 15
- Joined: 2016/03/01 05:32:36
Re: NFS mount.nfs: access denied by server while mounting
Post
by ras123 » 2016/03/01 23:21:15
On Client side:
Code: Select all
tail /var/log/messages
Mar 2 10:13:26 localhost kernel: RPC: Registered named UNIX socket transport module.
Mar 2 10:13:26 localhost kernel: RPC: Registered udp transport module.
Mar 2 10:13:26 localhost kernel: RPC: Registered tcp transport module.
Mar 2 10:13:26 localhost kernel: RPC: Registered tcp NFSv4.1 backchannel transport module.
Mar 2 10:13:26 localhost kernel: Slow work thread pool: Starting up
Mar 2 10:13:26 localhost kernel: Slow work thread pool: Ready
Mar 2 10:13:26 localhost kernel: FS-Cache: Loaded
Mar 2 10:13:26 localhost kernel: NFS: Registering the id_resolver key type
Mar 2 10:13:26 localhost kernel: FS-Cache: Netfs 'nfs' registered for caching
Mar 2 10:13:26 localhost nfsidmap[3817]: nss_getpwnam: name '<user>@localdomain' does not map into domain '<server ip>'where <user> user name (on both computer user name is same), and <server ip> is local network ip.
In server side
Code: Select all
tail /var/log/messages
Mar 2 10:09:17 oxygen rtkit-daemon[2993]: Sucessfully made thread 3369 of process 3369 (/usr/bin/pulseaudio) owned by '500' high priority at nice level -11.
Mar 2 10:09:17 oxygen pulseaudio[3369]: pid.c: Daemon already running.
Mar 2 10:09:42 oxygen gnome-keyring-ask: GLib-GObject: Object class EggSecureEntry doesn't implement property 'editing-canceled' from interface 'GtkCellEditable'
Mar 2 10:09:42 oxygen gnome-keyring-ask: could not grab keyboard: 3
Mar 2 10:09:42 oxygen gnome-keyring-ask: could not grab keyboard: 3
Mar 2 10:09:55 oxygen pulseaudio[3184]: ratelimit.c: 8 events suppressed
Mar 2 10:11:41 oxygen kernel: Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
Mar 2 10:11:42 oxygen rpc.mountd[3580]: Version 1.2.3 starting
Mar 2 10:11:42 oxygen kernel: NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
Mar 2 10:11:42 oxygen kernel: NFSD: starting 90-second grace period
Any help please.
-
ras123
- Posts: 15
- Joined: 2016/03/01 05:32:36
Re: NFS mount.nfs: access denied by server while mounting
Post
by ras123 » 2016/03/02 07:05:28
it is mounted when I used option
What to do to mount by nfs4?
-
gerald_clark
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Re: NFS mount.nfs: access denied by server while mounting
Post
by gerald_clark » 2016/03/02 13:08:21
Make sure the ports in /etc/sysconfig/nfs are open on the server’s firewall.
Also make sure nfs4 is not disabled on the server.
-
ras123
- Posts: 15
- Joined: 2016/03/01 05:32:36
Re: NFS mount.nfs: access denied by server while mounting
Post
by ras123 » 2016/03/02 23:05:19
Hi,
Thanks, as far I know, opened ports and not blocked nfs4 in server, but still unable to mount by nfs4.
/etc/sysconfig/nfs
Code: Select all
#
# Define which protocol versions mountd
# will advertise. The values are "no" or "yes"
# with yes being the default
#MOUNTD_NFS_V2="no"
#MOUNTD_NFS_V3="no"
#
#
# Path to remote quota server. See rquotad(8)
RQUOTAD="/usr/sbin/rpc.rquotad"
# Port rquotad should listen on.
RQUOTAD_PORT=875
# Optinal options passed to rquotad
#RPCRQUOTADOPTS=""
#
#
# Optional arguments passed to in-kernel lockd
#LOCKDARG=
# TCP port rpc.lockd should listen on.
LOCKD_TCPPORT=32803
# UDP port rpc.lockd should listen on.
LOCKD_UDPPORT=32769
#
#
# Optional arguments passed to rpc.nfsd. See rpc.nfsd(8)
# Turn off v2 and v3 protocol support
#RPCNFSDARGS="-N 2 -N 3"
# Turn off v4 protocol support
#RPCNFSDARGS="-N 4"
# Number of nfs server processes to be started.
# The default is 8.
#RPCNFSDCOUNT=8
# Stop the nfsd module from being pre-loaded
#NFSD_MODULE="noload"
# Set V4 and NLM grace periods in seconds
#
# Warning, NFSD_V4_GRACE should not be less than
# NFSD_V4_LEASE was on the previous boot.
#
# To make NFSD_V4_GRACE shorter, with active v4 clients,
# first make NFSD_V4_LEASE shorter, then restart server.
# This will make the clients aware of the new value.
# Then NFSD_V4_GRACE can be decreased with another restart.
#
# When there are no active clients, changing these values
# can be done in a single server restart.
#
#NFSD_V4_GRACE=90
#NFSD_V4_LEASE=90
#NLM_GRACE_PERIOD=90
#
#
#
# Optional arguments passed to rpc.mountd. See rpc.mountd(8)
#RPCMOUNTDOPTS=""
# Port rpc.mountd should listen on.
MOUNTD_PORT=892
#
#
# Optional arguments passed to rpc.statd. See rpc.statd(8)
#STATDARG=""
# Port rpc.statd should listen on.
STATD_PORT=662
# Outgoing port statd should used. The default is port
# is random
STATD_OUTGOING_PORT=2020
# Specify callout program
#STATD_HA_CALLOUT="/usr/local/bin/foo"
#
#
# Optional arguments passed to rpc.idmapd. See rpc.idmapd(8)
#RPCIDMAPDARGS=""
#
# Set to turn on Secure NFS mounts.
#SECURE_NFS="yes"
# Optional arguments passed to rpc.gssd. See rpc.gssd(8)
#RPCGSSDARGS=""
# Optional arguments passed to rpc.svcgssd. See rpc.svcgssd(8)
#RPCSVCGSSDARGS=""
#
# To enable RDMA support on the server by setting this to
# the port the server should listen on
RDMA_PORT=20049 /etc/sysconfig/iptables
Code: Select all
-A INPUT -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 662 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 662 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 875 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 875 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 892 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 892 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 32769 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 32803 -j ACCEPT/etc/hosts.allow
Code: Select all
rpcbind mountd nfsd statd lockd rquotad : <client ip> 127.0.0.1-
gerald_clark
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Re: NFS mount.nfs: access denied by server while mounting
Post
by gerald_clark » 2016/03/02 23:35:19
Your /etc/hosts.allow only allows connections from localhost.
I suggest you remove that line.