Mount to FreeNas Drive

[Freesnofla]

Hi all, I do have my nightmare concerning mount my FreeNas Drive into my Ubuntu PC. I already installed nfs-common, then I prepared /etc/fstab. Finally I did mount -a. Anyway I get always access denied. And I haven't any idea how I can fix it. I guess that root should be able to get access or do I need to create a seperate user for that purpose?

regards
freenassnofla

 

[dlavigne]

We can't read your mind. If you want help you'll have to post your NFS config, the permissions of the volume/dataset being shared, and the contents of /etc/fstab.

 

[Freesnofla]

1. Services NFS = ON
2. Authorized IP addresses or hosts: 192.168.10.0/24
3. All Directories: check
4. Map root user: N/A
5. Maproot Group: N/A
6. Mapall User: N/A
7. Mapall Group: N/A
8. Path: /mnt/RAID1/Media
9. etc/fstab: 192.168.10.100:/mnt/RAID1/Media /mnt/mynas nfs
10. Volume:
    
    

I have really no idea why I get on the drive any more rrrr...

best regards
freenassnofla

 

[solarisguy]

Try mapping user root to root and group wheel to wheel.

On both server and client execute

Code:

showmount -e 192.168.10.100
rpcinfo -p 192.168.10.100

 

[Freesnofla]

I changed the setup into root and wheel. Still the same mess I can't get any more on my files.

Client

Code:

snofla@snofla-G71V:~$ showmount -e 192.168.10.100
Export list for 192.168.10.100:
/mnt/RAID1/jails/crashplan_1 192.168.10.0
snofla@snofla-G71V:~$ rpcinfo -p 192.168.10.100
  program vers proto  port  service
    100000    4  tcp    111  portmapper
    100000    3  tcp    111  portmapper
    100000    2  tcp    111  portmapper
    100000    4  udp    111  portmapper
    100000    3  udp    111  portmapper
    100000    2  udp    111  portmapper
    100000    4    7    111  portmapper
    100000    3    7    111  portmapper
    100000    2    7    111  portmapper
    100005    1  udp    958  mountd
    100005    3  udp    958  mountd
    100005    1  tcp    958  mountd
    100005    3  tcp    958  mountd
    100003    2  tcp  2049  nfs
    100003    3  tcp  2049  nfs
    100024    1  udp    852  status
    100024    1  tcp    852  status
    100021    0  udp    950  nlockmgr
    100021    0  tcp    626  nlockmgr
    100021    1  udp    950  nlockmgr
    100021    1  tcp    626  nlockmgr
    100021    3  udp    950  nlockmgr
    100021    3  tcp    626  nlockmgr
    100021    4  udp    950  nlockmgr
    100021    4  tcp    626  nlockmgr

FreeNas box

Code:

[root@freenas ~]# showmount -e 192.168.10.100                                 
Exports list on 192.168.10.100:                                               
/mnt/RAID1/jails/crashplan_1      192.168.10.0 

FreeNas box

Code:

[root@freenas ~]# rpcinfo -p 192.168.10.100                                                                                       
  program vers proto  port  service                                                                                             
    100000    4  tcp    111  rpcbind                                                                                             
    100000    3  tcp    111  rpcbind                                                                                             
    100000    2  tcp    111  rpcbind                                                                                             
    100000    4  udp    111  rpcbind                                                                                             
    100000    3  udp    111  rpcbind                                                                                             
    100000    2  udp    111  rpcbind                                                                                             
    100000    4 local    111  rpcbind                                                                                             
    100000    3 local    111  rpcbind                                                                                             
    100000    2 local    111  rpcbind                                                                                             
    100005    1  udp    958  mountd                                                                                               
    100005    3  udp    958  mountd                                                                                               
    100005    1  tcp    958  mountd                                                                                               
    100005    3  tcp    958  mountd                                                                                               
    100003    2  tcp  2049  nfs                                                                                                 
    100003    3  tcp  2049  nfs                                                                                                 
    100024    1  udp    852  status                                                                                               
    100024    1  tcp    852  status                                                                                               
    100021    0  udp    950  nlockmgr                                                                                             
    100021    0  tcp    626  nlockmgr                                                                                             
    100021    1  udp    950  nlockmgr                                                                                             
    100021    1  tcp    626  nlockmgr                                                                                             
    100021    3  udp    950  nlockmgr                                                                                             
    100021    3  tcp    626  nlockmgr                                                                                             
    100021    4  udp    950  nlockmgr                                                                                             
    100021    4  tcp    626  nlockmgr 

 

[solarisguy]

Do you

1. get access denied when trying to mount the NFS share?
2. or your mount is OK, but you cannot access the files?

For 1., when in the GUI go to Services -> NFS -> NFS Settings and enable Serve UDP NFS clients:

For 2., did you unmount and then remount the share? Can you do ls -l ? What do you see?

 

[Freesnofla]

you are right I do have trouble with get access denied to the server.

 

[solarisguy]

And after enabling Serve UDP NFS clients: ?

 

[Freesnofla]

I changed "Serve UDP NFS "unfortunately that didn't solved my issue

Code:

[root@freenas ~]# rpcinfo -p 192.168.10.100                                                                                       
  program vers proto  port  service                                                                                             
    100000    4  tcp    111  rpcbind                                                                                             
    100000    3  tcp    111  rpcbind                                                                                             
    100000    2  tcp    111  rpcbind                                                                                             
    100000    4  udp    111  rpcbind                                                                                             
    100000    3  udp    111  rpcbind                                                                                             
    100000    2  udp    111  rpcbind                                                                                             
    100000    4 local    111  rpcbind                                                                                             
    100000    3 local    111  rpcbind                                                                                             
    100000    2 local    111  rpcbind                                                                                             
    100005    1  udp    915  mountd                                                                                               
    100005    3  udp    915  mountd                                                                                               
    100005    1  tcp    915  mountd                                                                                               
    100005    3  tcp    915  mountd                                                                                               
    100003    2  udp  2049  nfs                                                                                                 
    100003    3  udp  2049  nfs                                                                                                 
    100003    2  tcp  2049  nfs                                                                                                 
    100003    3  tcp  2049  nfs                                                                                                 
    100024    1  udp    751  status                                                                                               
    100024    1  tcp    751  status                                                                                               
    100021    0  udp    892  nlockmgr                                                                                             
    100021    0  tcp    826  nlockmgr                                                                                             
    100021    1  udp    892  nlockmgr                                                                                             
    100021    1  tcp    826  nlockmgr                                                                                             
    100021    3  udp    892  nlockmgr                                                                                             
    100021    3  tcp    826  nlockmgr                                                                                             
    100021    4  udp    892  nlockmgr                                                                                             
    100021    4  tcp    826  nlockmgr                                                                                             
[root@freenas ~]#                

Code:

[root@freenas ~]# showmount -e 192.168.10.100                                                                                     
Exports list on 192.168.10.100:                                                                                                   
/mnt/RAID1/jails/crashplan_1      192.168.10.0                                                                                   
[root@freenas ~]# ^C                                                                                                               
[root@freenas ~]#  

Code:

[root@freenas ~]# ls -l                                                       
total 42                                                                       
-rw-r--r--  1 root  wheel  1128 Apr 23 05:25 .bashrc                           
-rw-r--r--  1 root  wheel  919 Apr 23 05:25 .cshrc                           
-rw-r--r--  1 root  wheel    80 Apr 23 20:48 .k5login                         
-rw-r--r--  1 root  wheel  229 Apr 23 20:48 .login                           
-rw-r--r--  1 root  wheel  489 Apr 23 05:25 .profile                         
-rw-r--r--  1 root  wheel  1128 Apr 23 05:25 .shrc                             
-rwxr-xr-x  1 root  wheel  1677 Apr 23 05:25 change_password                   
-rwxr-xr-x  1 root  wheel  1630 Apr 23 05:25 save_cfg                         
-rwxr-xr-x  1 root  wheel  926 Apr 23 05:25 save_rrds.sh                     
-rwxr-xr-x  1 root  wheel  1591 Apr 23 05:25 save_sshkeys                     
-rwxr-xr-x  1 root  wheel  1607 Apr 23 05:25 update                           
-rwxr-xr-x  1 root  wheel  2889 Apr 23 05:25 updatep1                         
-rwxr-xr-x  1 root  wheel  3165 Apr 23 05:25 updatep2                         
[root@freenas ~]#                                  

Still ongoing;

Code:

root@snofla-G71V:~# mount -a
mount.nfs: access denied by server while mounting 192.168.10.100:/mnt/RAID1/Media

 

[solarisguy]

You are exporting /mnt/RAID1/jails/crashplan_1 and trying to mount /mnt/RAID1/Media !

 

[Freesnofla]

I'm not sure what I'm doing wrong, I do have etc/fstab in my PC 192.168.10.100:/mnt/RAID1/Media /mnt/mynas nfs and where do I then Export from? I have no idea.

 

[solarisguy]

In your FreeNAS GUI, go to the left panel
Sharing -> Unix (NFS) Share -> click on the path shown

At the bottom of the dialog window there would be an area named Path. The first Path: will have /mnt/RAID1/jails/crashplan_1 and the other will be blank. Leave the first one unchanged, and browse in the blank one to /mnt/RAID1/Media and click OK.

Go to Services, and toggle NFS service from on to off, then from off to on. Retry mounting on your NFS client.

 

[Freesnofla]

@solarisguy ; finally I managed to got the drive mounted. I still have a issue to understand the setup so far.

I do have the volumes, Media and Data, where I added user root.
Secondly I do have the NFS shares, Media and Data as well, and exactly that point makes me crazy, should I in such case create new users for that purposes? How do I understand this setup, is that a kind of layer 1 and layer 2? I also enter my NAS from outside the home network, so what is the most secure way. I also use VPN to get it better secured.

 

[solarisguy]

Your security comes from security of your VPN and router that is guarding the entry to your network. Kind of simple. That is not all. Your security when using VPN is also including all the security weaknesses of the network you are on when doing VPN... A very long story...

Users are defined once per a FreeNAS system (not talking about jails, another story). NFS share and datasets/filesystems can be added and deleted, but the user management is independent of it. The only rule one has to watch for is that you cannot share/export something that is already exported. Unless your security rules forbid that, please always enable the option All Directories: in the Add Unix (NFS) Share dialog window.

If you want, for accounting or security reasons, only different users accessing Media and Data, then yes you are talking about new users if you had Media and now added Data. Long story. Nothing about FreeNAS in there, pure NFS and Unix/Linux system administration.

 

[Freesnofla]

Do I need to create a NFS share for every user or is this the wrong way I think? I think I lost a bit the overview.

 

[solarisguy]

I do not know, since it depends on many factors. Most likely not, but I recall NFS servers where the security model was forcing such a setup.

You have to think whether you need or want security. You have to know whether you are protecting users from themselves or security comes from an external source. There is also a tradeoff between security and ease of use and ease of administration (if administration is difficult or usability is not good, then they might be a cause of data loss or data leak). Etc., etc.