Solved Cannot mount FreeBSD NFS share from a FreeBSD client, but can from a Linux client

F

Ferocious1881

I have setup a FreeBSD NFS server with the following configuration.
/etc/rc.conf
Code: 
dumpdev="NO"
nfs_server_enable="YES"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
nfs_server_flags="-t -n 4"
rpcbind_enable="YES"
mountd_flags="-r"
mountd_enable="YES"
nfs_server_enable="YES"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
nfs_server_flags="-t -n 4"
rpcbind_enable="YES"
mountd_flags="-r"
mountd_enable="YES"
rpc_lockd_enable="YES"
/etc/exports
Code: 
/jailed/probe1 -mapall=root [IP of my linux machine]
/jailed/probe2 -mapall=root [IP of my FreeBSD machine]
I can successfully mount my nfs export in Linux with mount -t nfs nfs.my.domain:/jailed/probe1 /mnt, but when trying the same ( mount -t nfs nfs.my.domain:/jailed/probe2 /mnt) in my FreeBSD machine, I got the error
Code: 
[tpc] nfs.my.domain:/jailed/nfc: Permission denied
Edit:
Also following https://docs.freebsd.org/en/books/handbook/network-servers/#_configuring_the_client changes for /etc/rc.conf and service nfsclient start did not help.
 
Ferocious1881 said:
when trying the same ( mount -t nfs nfs.my.domain:/jailed/probe2 /mnt) in my FreeBSD machine, I got the error
Rich (BB code): 
[tpc] nfs.my.domain:/jailed: Permission denied
Click to expand...
The error message indicates :/jailed has been set as path (for remote_host:path), not :/jailed/probe2.



Are those NFS related double entries in /etc/rc.conf copy & paste errors or real?

In case the whole /etc/exports has been shown here, the V4: line is missing for nfsv4_server_enable="YES".

If NFSv4 is configured why not use it?
Code: 
V4:  /jailed
mount -o nfsv4 nfs.my.domain:/probe2 /mnt
 
T-Daemon said:
The error message indicates :/jailed has been set as path (for remote_host:path), not :/jailed/probe2.



Are those NFS related double entries in /etc/rc.conf copy & paste errors or real?

In case the whole /etc/exports has been shown here, the V4: line is missing for nfsv4_server_enable="YES".

If NFSv4 is configured why not use it?
Code: 
V4:  /jailed
mount -o nfsv4 nfs.my.domain:/probe2 /mnt
Click to expand...

Rigth, but after correctly put the correct command, I get the same error just with tha same path.
 
chief said:
-o vers=3, proto=tcp
Click to expand...
Same error.
Here is the jail config, if it is needed:
Code: 
nfs {
exec.clean;
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown jail";
exec.consolelog = "/var/log/jail_console_${name}.log";

allow.raw_sockets;
allow.nfsd;
allow.mount;
allow.mount.devfs;
allow.mount.zfs;
mount.devfs;
enforce_statfs = 1;
devfs_ruleset = 16; # This rule set does not exists

path = "/jails/${name}";
host.hostname = "${name}";

$id = "6";
$ip = "192.168.0.${id}/24";
$gateway = "192.168.0.1";
$bridge = "bridge0";
$epair = "epair${id}";

vnet;
vnet.interface = "${epair}b";

exec.created  += "zfs jail nfs zroot/some-nfs-filesystem";
exec.prestart  = "/sbin/ifconfig ${epair} create up";
exec.prestart += "/sbin/ifconfig ${epair}a up descr jail:${name}";
exec.prestart += "/sbin/ifconfig ${bridge} addm ${epair}a up";
exec.start    += "/sbin/ifconfig ${epair}b ${ip} up";
exec.start    += "/sbin/route add default ${gateway}";
exec.poststop = "/sbin/ifconfig ${bridge} deletem ${epair}a";
exec.poststop += "/sbin/ifconfig ${epair}a destroy";
}
 
Note the server logs at /var/log/messages, extracted with tail -n 7 /var/log/messages gives
Code: 
Sep 28 20:44:18 nfs mountd[62071]: can't change attributes for /: netcred already exists for given addr/mask
Sep 28 20:44:18 nfs mountd[62071]: Warning: exporting /jailed/probe exports entire / file system
Sep 28 20:44:18 nfs mountd[62071]: can't change attributes for /jailed/nfs: netcred already exists for given addr/mask
Sep 28 20:44:18 nfs mountd[62071]: bad exports list line '/jailed/nfs -mapall'
Sep 28 22:36:24 nfs mountd[62071]: mount request denied from 192.168.0.223 for /jailed/nfc
Sep 28 22:37:03 nfs syslogd: last message repeated 2 times
Sep 28 22:39:39 nfs syslogd: last message repeated 1 times
But 192.168.0.223 is not the IP of my FreeBSD system, but of the bridge, that my FreeBSD system is using.
For some some reason is trying to reach the NFS server with that.
Correcting this I still get an error:
Code: 
mount -t nfs -o vers=3,proto=tcp nfs.my.domain:/jailed/nfc /mnt
mount_nfs: nmount: /mnt: Permission denied
and trying to mount NFSv4 gives me the error:
Code: 
mount -t nfs -o nfsv4 -o sec=sys nfs.my.domain:/jailed/nfc /mnt
mount_nfs: nmount: /mnt, wrong security flavor
 
You must log in or register to reply here.
Back
Top