What's wrong with my NFS setup?

centos nfs autofs

7,760

It looks like the problem here were the permission settings on the folder being exported on the server side. So, doing the following on the server allowed me to write from the client:

[root@centosserv ~]# chmod 777 /NFSSHARE

I did this on fresh installs of both the server and the client. Was experiencing the same problems all over again, and, not even having tried disabling iptables on the server and going through the changes I edited into the question this time, decided to make sure that the permissions to /NFSSHARE were properly set. Seems to have done the trick.

7,760

JNat

I was appointed ♦ Moderator Pro Tempore on Anime and Manga SE, and served my time from January 2013 to March 2015. I am currently a Community Manager for Stack Exchange! If there's anything you think I could help you with, you can reach me at stackoverflow.com: jnat@...

Updated on September 18, 2022

Comments

JNat almost 2 years
I had previously been able to configure an NFS server on a computer running CentOS 6.6, and to mount the file system in a Virtual Machine with the same OS and using autofs.
Last week I did a fresh install of all the OSs I had, and now for some reason I cannot get it to work. The server computer still runs CentOS 6.6, and the Virtual Machine is now running CentOS 7 (I also tried it with another Virtual Machine running Debian Wheezy, but it still didn't work).

The server (centosserv) is running on 192.168.1.89, and the client (centoscli, the CentOS 7 one) on 192.168.1.100.
The file system I want to share is /NFSSHARE and /NFSSHARE/mydir, and as such the /etc/exports file on the server contains the following:
```
/NFSSHARE       192.168.1.100(fsid=0,rw,sync,no_subtree_check,root_squash,anonuid=1000,anongid=1000)
/NFSSHARE/mydir 192.168.1.100(ro,sync,no_subtree_check)
```
If I run showmount -e I get this:
```
[root@centosserv ~]# showmount -e
Export list for centosserv:
/NFSSHARE/mydir 192.168.1.100
/NFSSHARE       192.168.1.100
```
So everything looks good so far.
On the client side, I edited the /etc/auto.master to include the following line:
```
/mnt/nfs       /etc/auto.nfs-share       --timeout=90
```
And then created the /etc/auto.nfs-share file with the following contents:
```
[root@centoscli ~]# cat /etc/auto.nfs-share
writeable_share        -rw 192.168.1.89:/
non_writeable_share    -ro 192.168.1.89:/mydir
```
This also seems to be working, given the below output:
```
[root@centoscli ~]# mount | grep nfs-share
/etc/auto.nfs-share on /mnt/nfs type autofs (rw,relatime,fd=18,pgrp=2401,timeout=90,minproto=5,maxproto=5,indirect)
```
At this point, /mnt/nfs/writeable_share and /mnt/nfs/non_writeable_share are not mounted, unless I try to access them directly, as per this tutorial (which is the same I had followed the last time I set up the NFS server*). So only after I tried ls -l /mnt/nfs/writeable_share should it be mounted. But the output I get is:
```
[root@centoscli ~]# ls -l /mnt/nfs/writeable_share
ls: cannot access /mnt/nfs/writeable_share: No such file or directory
```
I pinged the server from the client and vice versa, just to check that they could both reach each other, and they seem to do.

I did everything exactly the same way I had done the first time round, yet for some reason I cannot get it to work this time. I have tried doing this by editing the /etc/fstab file on the client side and manually instead of using autofs, but it doesn't seem to work that way either. Disabling iptables on the server side makes it work with fstab and manually, but not with autofs yet.

What else can I check, or where I have gone wrong?

*With the exception of the first three steps, since I have neither a service called nfs-common neither a /etc/default/nfs-common file.

EDIT

I was checking out this tutorial on a CentOS group on FB that, after the server side is supposedly settled and we're ready to start configuring the client side, says this:

Test if you can see NFS server:
showmount -e

So I'm guessing that using showmount -e on the client I should be able to get some info on the server, or it at least some acknowledgement that I can mount file systems from that server on this client. However, I tried using showmount -e 192.168.1.89 on the client side, and the only message I got was this:
```
 clnt_create: RPC: Port mapper failure - Unable to receive: errno113 (No route to host)
```
I'm guessing this could be the problem, but I'm not sure what it means.

EDIT 2

After having disabled iptables on the server side, I can now see the exported file systems when I use showmount -e 192.168.1.89 on the client side. Which renders my first edit above moot, I think. However, I am still not able to mount the filesystems using autofs.

EDIT 3

Ok, besides having iptables disabled, I have edit both /etc/exports on the server and /etc/auto.nfs-share on the client to look like this:
```
[root@centosserv ~]# cat /etc/exports
/NFSSHARE          192.168.1.100(fsid=0,rw,sync,no_subtree_check,root_squash,anonuid=1000,anongid=1000)
/NFSSHARE/mydir    192.168.1.100(rw,sync,no_subtree_check,root_squash,anonuid=1000,anongid=1000)
/NFSSHARE/mydir/ro 192.168.1.100(ro,sync,no_subtree_check)

[root@centoscli ~]# cat /etc/auto.nfs-share
writeable_share        -fstype=nfs4,rw 192.168.1.89:/mydir
non_writeable_share    -fstype=nfs4,ro 192.168.1.89:/mydir/ro
```
And with there I seem to be able to mount the file systems, but not to write from the client:
```
[root@centoscli ~]# touch /mnt/nfs/writeable_share/test_from_client.file
touch: cannot touch ‘/mnt/nfs/writeable_share/test_from_client.file’: Permission denied
```
- JNat over 9 years
  
  I was unsure as to whether the question was a better fit here or on Server Fault. If it is a better fit on the other site, please do migrate it.
- roaima over 9 years
  
  On your client, in /etc/auto.nfs-share, aren't you missing the /NFSSHARE part of the exported path? What gets written to the syslog by the automounter? IME there should be messages there that point to the error.
- JNat over 9 years
  
  @roaima It is my understanding that I don't need to put /NFSSHARE there, since I put fsid=0 on the exports file on the server. Regarding the syslog, I just checked the client-side, and I found a line containing automount[1420]: validate_location: invalid character " " found in location rw 192.168.1.89:/.
- JNat over 9 years
  
  But I think that message above is from before I added a - before rw on the file, changing rw 192.168.1.89:/ to -rw 192.168.1.89:/, 'cause I was missing that hyphen before.
- roaima over 9 years
  
  Not used nfsv4 (only v3) but it seems from reading around that you're not supposed to try and mount the NFS root. Rather, shares are defined underneath the root point. I'll go have a try unless someone else offers a definitive answer.
- JNat over 9 years
  
  @roaima I've tried it without the fsid=0 part on the /etc/exports file on the server, and by appending the /NFSSHARE part on the /etc/auto.nfs-share file on the client, but it still didn't work. In any case, I was able to make it work in the first time without these changes, and by mounting the NFS root.
- Mark Plotnick over 9 years
  
  Can you run rpcinfo -p 192.168.1.89 on the client, and see if the nfs and mountd handlers are reachable?
- JNat over 9 years
  
  @MarkPlotnick The message I got from that was rpcinfo: can't contact portmapper: RPC: Remote system error - No route to host.
- roaima over 9 years
  
  Firewall on both sides? NFS RPC is fickle; it's mostly on ports 111 (portmapper) and 2049 (nfs) but theoretically the nfs port can vary.
- JNat over 9 years
  
  @roaima You mean iptables? If so, how do I check that? I have no idea how to work with iptables yet.
- roaima over 9 years
  
  Sorry, missed that this time. Firewall on client and server - run iptables -nvL to get the default filter table, and iptables -t nat -nvL for the NAT table that should be irrelevant. Relevant parts are INPUT and OUTPUT. For testing you want to see policy ACCEPT and no rules :-)
- JNat over 9 years
  
  @roaima here's the output of both the server and the client when running iptables -nvL. Can you help me out decoding it, and pointing out to whatever may need to be corrected?
- JNat over 9 years
  
  @MarkPlotnick Disabling iptables on the server side and then running rpcinfo -p 192.168.1.89 on the client now gives me this output.
- Mark Plotnick over 9 years
  
  That looks much better. Does the showmount -e 192.168.1.89 command show the exported filesystems now?
- JNat over 9 years
  
  It does. Manually and using /etc/fstab I can now mount the file systems. Using autofs still gets me nowhere.
- Mark Plotnick over 9 years
  
  Good. After this gets settled, if you want to re-enable iptables, docs.oracle.com/cd/E37670_01/E41138/html/ol_about_nfs.html explains what to do. For NFS v4, you just need to allow access to port 2049. For other versions, you need to hardwire the port numbers used by a few RPC services and then allow access through iptables.
- JNat over 9 years
  
  I've updated the question, since I can now mount the file systems, but still cannot write from the client.
JNat about 8 years

And no, it didn't take me a full year to figure it out... I just didn't touch this again for a whole year :P