Why is NFS not allowing me to mount a share?
Okay, I've worked it out (or at least, I've made it work, and I think I know what was causing it).
I added the insecure
flag to the /etc/exports
line on the NFS server, so now it looks like this:
/media/storagedrive 10.0.0.0/24(rw,sync,no_subtree_check,insecure)
This flag allows connections to originate from client ports above IPPORT_RESERVED (1024).
The mount command now works.
My guess as to why the lack of the insecure
flag was the problem is that VirtualBox was using NAT to pass the request through to the physical network, so while the port on the Ubuntu guest (AlexDevGuest) may have been below 1024, the translated port on the Windows 7 host (AlexDevHost) was probably above 1024, and therefore blocked. Setting the insecure
flag meant it was allowed though.
This problem obviously doesn't affect the non-virtual machine DevMatt.
Related videos on Youtube
Alex
I first started building websites when I was about 11, and I like to think that I have improved somewhat. From there I got interested in programming and databases and all that exciting stuff. I'm a big fan of PHP, but I'm also interested in other languages. I've recently been messing about with binary files a lot in PHP, so I'm wondering about trying my hand at a strongly-typed language like C++, C or Java. Outside of computing, my other interests include riding my bike, skateboarding, reading, and space :)
Updated on September 18, 2022Comments
-
Alex over 1 year
The Host
I have a host, running Ubuntu 12.04, at
10.0.0.202
. It provides an NFS share for other machines on the network. Here is the contents of/etc/exports
:/media/storagedrive 10.0.0.0/24(rw,sync,no_subtree_check)
The intention here is to share the contents of
/media/storagedrive
to other machines on the network in the IP range10.0.0.0 - 10.0.0.255
.Working Client
This works correctly with a client machine at
10.0.0.40
, running Ubuntu 13.10, known as MattDev. That machine's/etc/fstab
looks like this:UUID=8f8c838e-3ea2-457a-87f0-57b12dfab06c / ext4 errors=remount-ro 0 1 UUID=427089d4-46a2-432d-9df4-7016bdfc7df2 none swap sw 0 0 10.0.0.202:/media/storagedrive /mnt/NetworkStorageDrive nfs rsize=8192,wsize=8192,timeo=14,intr
And
ls -al /mnt/
on that machine looks like this:total 12K drwxr-xr-x 3 root root 4.0K Feb 4 17:48 . drwxr-xr-x 23 root root 4.0K Feb 5 08:44 .. drwxrwxr-x 7 root plugdev 4.0K Feb 5 11:43 NetworkStorageDrive
The output of
id
looks like this:uid=1000(matt) gid=1000(matt) groups=1000(matt),4(adm),24(cdrom),27(sudo),30(dip),33(www-data),46(plugdev),112(lpadmin),124(sambashare)
Non-Working Virtual Client
I have a second client machine, running Ubuntu 12.10, as a guest OS on a Windows 7 host machine. The host machine is on the network as
10.0.0.28
. The guest machine is being managed by Vagrant, using VirtualBox 4.3.6 as a provider. I'll call the Windows 7 host AlexDevHost and the Ubuntu guest AlexDevGuest.Running
showmount -e 10.0.0.202
on AlexDevGuest produces:Export list for 10.0.0.202: /media/storagedrive 10.0.0.0/24
However, when I try to mount the share, it fails:
$ sudo mount 10.0.0.202:/media/storagedrive /mnt/NetworkStorageDrive mount.nfs: access denied by server while mounting 10.0.0.202:/media/storagedrive
So I started looking for issues:
$ ls -alh /mnt/ total 12K drwxr-xr-x 3 root root 4.0K Feb 5 12:23 . drwxr-xr-x 26 root root 4.0K Feb 5 12:23 .. drwxr-xr-x 2 root root 4.0K Feb 5 12:23 NetworkStorageDrive $ id uid=1001(vagrant) gid=1001(vagrant) groups=1001(vagrant) $
That uid and gid is different to the user matt on MattDev. So I juggled about the uid for vagrant, as I have read that NFS access is controlled by matching the IP address and uids. So now:
$ id uid=1000(vagrant) gid=1001(vagrant) groups=1001(vagrant) $ sudo mount 10.0.0.202:/media/storagedrive /mnt/NetworkStorageDrive mount.nfs: access denied by server while mounting 10.0.0.202:/media/storagedrive $
Still no success. So now I'm running out of ideas.
- What am I doing wrong?
- If the uid part is correct, is there a way I can verify that the NFS server machine is seeing my access attempt as coming from
10.0.0.28
, and not some other IP not in the allowed range?
-
Giacomo1968 almost 10 yearsFantastic detective work on this. I routinely use VirtualBox VMs of Unbuntu as “sandbox” environments I can toss or test on instead of using production level servers or even a staged dev server & this helps immensely.
-
Randommm almost 7 yearsWant to say thanks to you in an infinite loop, looking for this from long and you helped. Any idea why such restriction they have put why can't they let connections coming from any port number how the port number will affect anything. Any Ways big thanks.
-
Alex almost 7 years@mSatyam It will be because you have to be root in order to bind to a port below 1024, and it's probably prudent to expect NFS stuff to be running as root, at least by default. The port forwarding I was doing was somewhat of a "special case".
-
Mikhail T. over 6 yearsBut how could I convince VirtualBox' networking to use a port below 1024?..
-
BJ5 over 4 yearsThank you so much..
-
BJ5 over 4 yearsMount worked, but cannot see files.
-
Nemo over 3 years@MikhailT. I do not control the NFS server, so I need a different answer.