Why is NFS not allowing me to mount a share?

virtualbox nfs vagrant

20,118

Okay, I've worked it out (or at least, I've made it work, and I think I know what was causing it).

I added the insecure flag to the /etc/exports line on the NFS server, so now it looks like this:

/media/storagedrive 10.0.0.0/24(rw,sync,no_subtree_check,insecure)

This flag allows connections to originate from client ports above IPPORT_RESERVED (1024).

The mount command now works.

My guess as to why the lack of the insecure flag was the problem is that VirtualBox was using NAT to pass the request through to the physical network, so while the port on the Ubuntu guest (AlexDevGuest) may have been below 1024, the translated port on the Windows 7 host (AlexDevHost) was probably above 1024, and therefore blocked. Setting the insecure flag meant it was allowed though.

This problem obviously doesn't affect the non-virtual machine DevMatt.

20,118

Alex

I first started building websites when I was about 11, and I like to think that I have improved somewhat. From there I got interested in programming and databases and all that exciting stuff. I'm a big fan of PHP, but I'm also interested in other languages. I've recently been messing about with binary files a lot in PHP, so I'm wondering about trying my hand at a strongly-typed language like C++, C or Java. Outside of computing, my other interests include riding my bike, skateboarding, reading, and space :)

Updated on September 18, 2022

Comments

Alex over 1 year
The Host

I have a host, running Ubuntu 12.04, at 10.0.0.202. It provides an NFS share for other machines on the network. Here is the contents of /etc/exports:
```
/media/storagedrive 10.0.0.0/24(rw,sync,no_subtree_check)
```
The intention here is to share the contents of /media/storagedrive to other machines on the network in the IP range 10.0.0.0 - 10.0.0.255.

Working Client

This works correctly with a client machine at 10.0.0.40, running Ubuntu 13.10, known as MattDev. That machine's /etc/fstab looks like this:
```
UUID=8f8c838e-3ea2-457a-87f0-57b12dfab06c /               ext4    errors=remount-ro 0       1
UUID=427089d4-46a2-432d-9df4-7016bdfc7df2 none            swap    sw              0       0
10.0.0.202:/media/storagedrive /mnt/NetworkStorageDrive nfs rsize=8192,wsize=8192,timeo=14,intr
```
And ls -al /mnt/ on that machine looks like this:
```
total 12K
drwxr-xr-x  3 root root    4.0K Feb  4 17:48 .
drwxr-xr-x 23 root root    4.0K Feb  5 08:44 ..
drwxrwxr-x  7 root plugdev 4.0K Feb  5 11:43 NetworkStorageDrive
```
The output of id looks like this:
```
uid=1000(matt) gid=1000(matt) groups=1000(matt),4(adm),24(cdrom),27(sudo),30(dip),33(www-data),46(plugdev),112(lpadmin),124(sambashare)
```
Non-Working Virtual Client

I have a second client machine, running Ubuntu 12.10, as a guest OS on a Windows 7 host machine. The host machine is on the network as 10.0.0.28. The guest machine is being managed by Vagrant, using VirtualBox 4.3.6 as a provider. I'll call the Windows 7 host AlexDevHost and the Ubuntu guest AlexDevGuest.

Running showmount -e 10.0.0.202 on AlexDevGuest produces:
```
Export list for 10.0.0.202:
/media/storagedrive 10.0.0.0/24
```
However, when I try to mount the share, it fails:
```
$ sudo mount 10.0.0.202:/media/storagedrive /mnt/NetworkStorageDrive
mount.nfs: access denied by server while mounting 10.0.0.202:/media/storagedrive
```
So I started looking for issues:
```
$ ls -alh /mnt/
total 12K
drwxr-xr-x  3 root root 4.0K Feb  5 12:23 .
drwxr-xr-x 26 root root 4.0K Feb  5 12:23 ..
drwxr-xr-x  2 root root 4.0K Feb  5 12:23 NetworkStorageDrive
$ id
uid=1001(vagrant) gid=1001(vagrant) groups=1001(vagrant)
$
```
That uid and gid is different to the user matt on MattDev. So I juggled about the uid for vagrant, as I have read that NFS access is controlled by matching the IP address and uids. So now:
```
$ id
uid=1000(vagrant) gid=1001(vagrant) groups=1001(vagrant)
$ sudo mount 10.0.0.202:/media/storagedrive /mnt/NetworkStorageDrive
mount.nfs: access denied by server while mounting 10.0.0.202:/media/storagedrive
$
```
Still no success. So now I'm running out of ideas.
1. What am I doing wrong?
2. If the uid part is correct, is there a way I can verify that the NFS server machine is seeing my access attempt as coming from 10.0.0.28, and not some other IP not in the allowed range?
Giacomo1968 almost 10 years

Fantastic detective work on this. I routinely use VirtualBox VMs of Unbuntu as “sandbox” environments I can toss or test on instead of using production level servers or even a staged dev server & this helps immensely.
Randommm almost 7 years

Want to say thanks to you in an infinite loop, looking for this from long and you helped. Any idea why such restriction they have put why can't they let connections coming from any port number how the port number will affect anything. Any Ways big thanks.
Alex almost 7 years

@mSatyam It will be because you have to be root in order to bind to a port below 1024, and it's probably prudent to expect NFS stuff to be running as root, at least by default. The port forwarding I was doing was somewhat of a "special case".
Mikhail T. over 6 years

But how could I convince VirtualBox' networking to use a port below 1024?..
BJ5 over 4 years

Thank you so much..
BJ5 over 4 years

Mount worked, but cannot see files.
Nemo over 3 years

@MikhailT. I do not control the NFS server, so I need a different answer.