Dino wrote:
> Hi everyone,
>
> I have just installed Solaris and have added a 3x500GB raidz drive array. I
> am able to use this pool ('tank') successfully locally, but when I try to
> share it remotely, I can only read, I cannot execute or write. I didn't do
> anything other than the default 'zfs set sharenfs=on tank'... how can I get
> it so that any allowed user can access the pool read/write through nfs?
>
> Here is some relevant information:
> [EMAIL PROTECTED]:/# zpool list
> NAME SIZE USED AVAIL CAP HEALTH ALTROOT
> tank 1.36T 46.1G 1.31T 3% ONLINE -
>
> [EMAIL PROTECTED]:/# zpool status
> pool: tank
> state: ONLINE
> scrub: none requested
> config:
>
> NAME STATE READ WRITE CKSUM
> tank ONLINE 0 0 0
> raidz1 ONLINE 0 0 0
> c3t0d0 ONLINE 0 0 0
> c3t1d0 ONLINE 0 0 0
> c3t2d0 ONLINE 0 0 0
>
> errors: No known data errors
>
> [EMAIL PROTECTED]:/# zfs get all tank
> NAME PROPERTY VALUE SOURCE
> tank type filesystem -
> tank creation Sat Jul 12 22:47 2008 -
> tank used 30.7G -
> tank available 882G -
> tank referenced 30.7G -
> tank compressratio 1.00x -
> tank mounted yes -
> tank quota none default
> tank reservation none default
> tank recordsize 128K default
> tank mountpoint /tank local
> tank sharenfs on local
> tank checksum on default
> tank compression off default
> tank atime on default
> tank devices on default
> tank exec on default
> tank setuid off local
> tank readonly off default
> tank zoned off default
> tank snapdir hidden default
> tank aclmode groupmask default
> tank aclinherit secure default
> tank canmount on default
> tank shareiscsi off default
> tank xattr on default
>
> /etc/dfs/dfstab is empty
>
> /etc/dfs/sharetab:
> /tank - nfs rw
>
>
> Now, when I try to mount this share from multiple boxes, I get 'Permission
> denied' when I try to create/modify any file.
>
> Mounting from a Linux box:
> /etc/fstab
> mosasaur:/tank /tank nfs4 rw,user 0 0
> mount /tank
> ls -al tank == drwxr-xr-x 7 4294967294 4294967294 8 2008-07-13 17:58
> tank
> mount shows:
> mosasaur:/tank on /tank type
> nfs4(rw,user=mac,addr=192.168.0.4,clientaddr=192.168.0.17)
>
> # touch /tank/FILE
> touch: cannot touch `file': Permission denied
>
>
> Mounting from a NetBSD box
> /etc/fstab:
> mosasaur:/tank /tank nfs rw 0 0
> root# mount /tank
> root# ls -al | grep tank
> drwxr-xr-x 7 100 10 8 Jul 13 16:58 tank
> root# mount | grep tank
> mosasaur:/tank on /tank type nfs
> root# touch /tank/FILE
> touch: /tank/FILE: Permission denied
>
>
> I dont get it at all, it is a completely stock configuration... Does anytone
> have any idea why this isnt working and how I could fix it?
>
This is a NFS security feature which has been around for 15 years or so.
By default, remote root users have the privileges of "nobody." If you
want a remote root user to have privileges, you need to change the
"rw" option. The ZFS Administration Guide, Chapter 1, covers such
examples.
http://www.opensolaris.org/os/community/zfs/docs/zfsadmin.pdf
-- richard
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
