This is a purified and ridiculous "access denied"-problem, which I cannot resolve, trying to connect two simple Debian Linux boxes using simple NFS.
Is there a bug, or have I just missed some basic access permission setting? The most significant recommendation from my friends is to start from scratch by reinstallation and so on. I hesitate strongly, since the boxes have come to a mature state as regards all other configuration aspects. They are well customized and in 'production use', one of them as a working Samba server. All other ways to resolve this must be investigated, and at the moment I have exhausted all internet manual sources that I can find. Then I recently found an old thread at LQ touching this problem, though without key information that helps me. So I'm launching a new, hopefully more distinct thread. Here is my story:
Nfs networking - is it possible?
This is a summary (condensed* in an attempt to exclude a lot of 'related' but seemingly irrelevant information) of extended studies of what happens when nfs file sharing/mounting is initiated using two cable-router-connected Linux 2.6 boxes, both run with nfs-kernel-server (a brief test using nfs-user-server produced equivalent results).
This is the computer setup, though it's insignificant which box is chosen as server and client, respectively:
Code:
Computername IPno Nfs-role Linux kernel Debian dist
scandic 127.168.0.11 server 2.6.8-2-686 i686 Sarge (stable)
andromeda 127.168.0.12 client 2.6.12-1-686 i686 Etch (testing)
I intend to mount a home directory on scandic (/home/tore) at a mounting point of andromeda (/mnt/scandic), that is, to mount scandic:/home/tore at andromeda:/mnt/scandic (Oops! important: since both boxes have equal basic directory structures, don't mix up file references between them!).
CHAPTER 1. Server preparation. I put this in the file /etc/exports (just one significant line):
Code:
/home/tore/ 127.168.0.12(rw,no_root_squash,sync)
After server reboot: Is the directory REALLY exported? It doesn't seem so, since /var/lib/nfs/xtab is empty. OK, then run exportfs that will force export:
Code:
root@scandic:~# exportfs -rav
exporting andromeda:/home/tore
reexporting andromeda:/home/tore to kernel
Note 1. Inconsistent export naming. The file 'andromeda:/home/tore' is not intended to exist as such (although it does, on andromeda!) but should mean that andromeda is allowed to mount /home/tore (OK?).
Note 2. Since this is nfs-kernel-server, the initial boot export was not shown in /var/lib/nfs/xtab although a silent export occurred into the kernel. This is indirectly verified by the message indicating that exportfs REexports into the kernel. Conclusion: OK, exportfs wasn't necessary, xtab obsolete (?), xtab content (that we generated):
Code:
/home/tore andromeda(rw,sync,wdelay,hide,nocrossmnt,secure,no_root_squash,
no_all_squash,subtree_check,secure_locks,mapping=identity,anonuid=-2,anongid=-2)
Note 3. We can see that the computername-IPno translation is correct, since whether 127.168.0.12 or andromeda is used in /etc/exports, exportfs always reports andromeda.
CHAPTER 2. We check that required daemons are up and running, using rpcinfo -p. Running daemons are: portmapper (v.2), nfs (v.2,3,4), nlockmngr (v.1,3,4), mountd (v.1,2,3), and status (v.1), each in both tcp and udp versions; also sgi_fam (v.2, tcp only). That should be sufficient. BTW, let's test rpcinfo -p andromeda from the server! Result: Identical. And the other way round, that is, the client's daemon list and scandic listed from the client: Equal.
Note 4. Thus the two boxes communicate well, which can also be shown by pinging each other. So far, so good!
CHAPTER 3. Client preparation (except that we have already verified the daemon population): Make the mounting point mnt/scandic. Add one (1) line to /etc/fstab in order to make mounting more convenient with some pre-defined parameters. I have tested various versions, we may use one of these (note that user and users are different parameters):
Code:
scandic:/home/tore /mnt/scandic nfs rw,users,timeo=14,hard,intr 0 0
scandic:/home/tore /mnt/scandic nfs rw,user,rsize=8192,wsize=8192,timeo=14,intr 0 0
The variations should be insignificant for mounting/unmounting-tests as root. So far, still good.
Note 5. The /etc/hosts file content on the server, just as reference:
Code:
127.0.0.1 localhost.localdomain localhost scandic
127.168.0.11 scandic
127.168.0.12 andromeda
Note 6. The /etc/hosts file content on the client, just as reference:
Code:
127.0.0.1 localhost.localdomain localhost andromeda
127.168.0.11 scandic
127.168.0.12 andromeda
CHAPTER 4. Mount the server directory scandic:/home/tore on the client andromeda as [andromeda:]/mnt/scandic
First attempt:
Code:
root@andromeda:~# mount -t nfs scandic:/home/tore /mnt/scandic
mount: scandic:/home/tore failed, reason given by server: Permission denied
Second attempt (relying on fstab):
Code:
root@andromeda:~# mount /mnt/scandic
mount: scandic:/home/tore failed, reason given by server: Permission denied
So far, no good!
CHAPTER 5. Investigate the server syslog, since we were told that the reason should be given by the server. There is nothing to find!
CHAPTER 6. Investigate the client syslog. It says:
Code:
Dec 1 22:53:22 localhost mountd[4963]: refused mount request from scandic for /home/tore (/): no export entry
Dec 1 22:54:38 localhost mountd[4963]: refused mount request from scandic for /home/tore (/): no export entry
- thus repeating the same message for each of the two attempts. To add: This is the case even at a pure manual mount attempt (like First try) without any information in fstab (such as the line we added) that might possibly intervene.
Note 7. The syslog message is somewhat confusing. Who is requesting what? For an ignorant observer the terminology seems awkward, since didn't we request andromeda to mount? Haven't we verified that scandic has exported /home/tore? True, however, that andromeda hasn't exported /home/tore !! (In case scandic would request it.) All confusing. This may finish my 'Linux project'!
Note 8. Further investigations show that if similar /etc/exports and /etc/fstab files are set up on both boxes (both client and/or server), mounting in this way virtually functions well, but any of them will happily mount it's OWN directory (remember: equal structures). That was my very first experience (really cheated!).
What is going on? Next step is, of course, trying to separate the client and server functionality by defining exports from only a single SERVER and using the other box as only CLIENT. As shown. So far, still worse. This may finish my Linux.
Note 9. I think I can run a net entirely with Samba, but I refuse to use Samba for pure Linux-to-Linux connections, just by stubbornness (and a few more reasons). This may finish ...
* yes, wasn't it condensed?