Why am I getting "permission denied" when connecting to my NFS share?
In order to connect to the NFS share with MacOS, the share must be defined with the insecure flag. All that means is its allowing a connection from a non standard port (which macOS uses). So your export line would look like this.
10.3.0.0/16 (rw,all_squash,sync,no_subtree_check,anonuid=65534,anongid=65534,insecure)
Also, when connecting from mac (especially on nfsv3) you have to connect to a specific exported folder rather than the root folder or just the IP.
nfs://10.3.0.100/bottle/media
Should do the trick!
Related videos on Youtube
Louis Thibault
Updated on September 18, 2022Comments
-
Louis Thibault almost 2 years
On Ubuntu version 17.04, my NFS shares are defined as follows:
Configuration
In
/etc/exports
:/bottle/media 192.168.0.0/16(ro,all_squash,no_subtree_check,anonuid=65534,anongid=65534) 10.3.0.0/16(rw,all_squash,sync,no_subtree_check,anonuid=65534,anongid=65534)
UNIX file permissions for the shared volume:
$ ls -al /bottle total 5 drwxr-xr-x 3 root root 3 Sep 3 11:45 . drwxr-xr-x 28 root root 4096 Sep 3 00:37 .. drwxrwxr-x 2 nobody nogroup 2 Sep 3 11:45 media
Verification
Ran
sudo exportfs
:/bottle/media 192.168.0.0/16 /bottle/media 10.3.0.0/24
Checked the NFS server daemon:
$ sudo systemctl status nfs-server ● nfs-server.service - NFS server and services Loaded: loaded (/lib/systemd/system/nfs-server.service; enabled; vendor preset: enabled) Active: active (exited) since Sun 2017-09-03 12:09:47 BST; 16min ago Process: 23350 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS) Process: 23344 ExecStopPost=/usr/sbin/exportfs -au (code=exited, status=0/SUCCESS) Process: 23337 ExecStop=/usr/sbin/rpc.nfsd 0 (code=exited, status=0/SUCCESS) Process: 23380 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS) Process: 23374 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS) Main PID: 23380 (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 4915) Memory: 0B CPU: 0 CGroup: /system.slice/nfs-server.service Sep 03 12:09:47 monolith systemd[1]: Starting NFS server and services... Sep 03 12:09:47 monolith systemd[1]: Started NFS server and services.
Verified that the UID/GID settings correspond to
nobody
andnogroup
, respectively:$ id -u nobody 65534 $ getent group nogroup nogroup:x:65534:
Symptoms
The NFS server host is located at
10.3.0.100
. The client (OSX Sierra v10.12.6) is at10.3.0.102
.I attempted a connection using finder's "Connect to Server" dialogue (
cmd + k
), into which I enterednfs://10.3.0.100
.Doing so yields the following error:
You do not have permission to access this server
.Is this a configuration problem? What have I done wrong?
-
nullmeta almost 7 yearsWith macOS you must add
insecure
to your export. It would look as so.10.3.0.0/16 (rw,all_squash,sync,no_subtree_check,anonuid=65534,anongid=65534,insecure)
and also you must connect with the actual export, not the root folder,nfs://10.3.0.100/bottle/media
-
Louis Thibault almost 7 years@nullmeta, that did the trick. Many thanks! Feel free to add this as an answer.
-