OpenVMS 8.4 NFS Export to Linux: Permission Denied (833 Views)
Reply
Occasional Visitor
mjkushner
Posts: 2
Registered: ‎12-01-2011
Message 1 of 5 (833 Views)

OpenVMS 8.4 NFS Export to Linux: Permission Denied

I am trying to export disks from an OpenVMS 8.4 machine to a Linux Enterprise v5.3 machine.

I think I've done everything expected, but receive a permission denied error when attempting to mount on the Linux Machine. Can anyone lend advice?  I have listed below the background and particulars.

 

The VMS host is:     uigelc.eecs.umich.edu

The VMS device to be exported is:    uigelc$dka200:

The VMS mapping is to:     /uigelc_dka200

The VMS proxy to the Linux is:    NFS, uid=0/gid=0

The Linux host is: uigel14.eecs.umich.edu (141.213.8.129)

 

Just to verify, the TCPIP output on the VMS host is

 

TCPIP> show export

File System                            Host name

/uigelc_dka200             UIGEL14.EECS.UMICH.EDU,

                                         uigel14.eecs.umich.edu, 141.213.8.129,

                                         uigel14, UIGEL14

TCPIP> sho map

Dynamic Filesystem Map

Pathname                        Logical File System

/uigelc_dka200               UIGELC$DKA200:

 

TCPIP> show proxy

VMS User_name     Type      User_ID    Group_ID   Host_name

NFS                            ON              0                   0           141.213.8.129, UIGEL14,
                                                                                           UIGEL14.EECS.UMICH.EDU,
                                                                                           uigel14,uigel14.eecs.umich.edu

 

(NOTE: According to the passwd file on uigel14.eecs.umich.edu, root is uid=0,gid=0

root:x:0:0:root:/root:/bin/bash  )

 

(NOTE: I've used every permutation of uigel14.eecs.umich.edu just to make certain....)

 

When executing the mount command on uigel14, I get the following error:

 

mount uigelc.eecs.umich.edu:/uigelc_dka200 /uigelc_dka200
mount.nfs: Permission denied

 

I executed the following command on uigel14 to confirm that /uigelc_dka200 is being exported by uigelc:

 

/usr/sbin/showmount -e uigelc.eecs.umich.edu
Export list for uigelc.eecs.umich.edu:
/uigelc_dka200 UIGEL14.EECS.UMICH.EDU,uigel14.eecs.umich.edu,UIGEL14,uigel14,UIGEL14

 

So it looks as though uigel14 is seeing the export from uigelc.

 

I also tried a modifed mount command, and also get  a permission denied.

 

mount -t nfs uigelc.eecs.umich.edu:/uigelc_dka200 /uigelc_dka200

mount.nfs: Permission denied

 

The permissions on the Linux mount point are:

 

 ls -lat /uigelc_dka200
total 16
drwxr-xr-x  2 root root 4096 Nov 30 17:06 .
drwxr-xr-x 34 root root 4096 Nov 30 17:06 ..

Please use plain text.
Honored Contributor
Richard Brodie_1
Posts: 573
Registered: ‎10-09-2003
Message 2 of 5 (815 Views)

Re: OpenVMS 8.4 NFS Export to Linux: Permission Denied

Using REPLY/ENABLE=NETWORK to get operator messages can be useful debugging NFS server problems.

 

It may be some sort of root_squash issue but getting the error messages is going to be better than guessing.

Please use plain text.
Frequent Advisor
Marco Gariboldi
Posts: 46
Registered: ‎01-21-2011
Message 3 of 5 (578 Views)

Re: OpenVMS 8.4 NFS Export to Linux: Permission Denied

Sadly, but I'm afraid that REPLY /ENABLE=NETWORK didn't provide any answers, nor the desired verbosity.  I've run into the same problems, as described throughout this thread, in the last few days (as I'm trying to mount a share on a UNIX machine). 

Please use plain text.
Acclaimed Contributor
Dennis Handly
Posts: 24,746
Registered: ‎03-06-2006
Message 4 of 5 (572 Views)

Re: OpenVMS 8.4 NFS Export to Linux: Permission Denied

>as I'm trying to mount a share on a UNIX machine

 

What version of UNIX?

Please use plain text.
Esteemed Contributor
H.Becker
Posts: 354
Registered: ‎04-09-2009
Message 5 of 5 (551 Views)

Re: OpenVMS 8.4 NFS Export to Linux: Permission Denied

>>> I've run into the same problems, as described throughout this thread, in the last few days (as I'm trying to mount a share on a UNIX machine). 

 
On a V8.3/Alpha system with TCP/IP Services V5.6 and without any of the recent patches ...
 
The usual stuff: make sure you have the NFS and PORTMAPPER server enabled and running (@sys$startup:tcpip$config will tell you); make sure you have a valid VMS user/account which you want to use for the proxy; specify the uid and gid of the Linux user doing the mount (often uid=0(root) gid=0(root)), in the VMS proxy record.
  
$ mc authorize show guest
 
Username: GUEST                            Owner:  Guest
Account:  GUEST                            UIC:    [200,201] ([SYSUSER,GUEST])
CLI:      DCL                              Tables: DCLTABLES
Default:  SYS$SYSDEVICE:[GUEST]
...
Authorized Privileges: 
  NETMBX       TMPMBX
Default Privileges: 
  NETMBX       TMPMBX
$
$ dir/sec sys$sysdevice:[000000]guest
 
Directory SYS$SYSDEVICE:[000000]
 
GUEST.DIR;1          [SYSUSER,GUEST]                  (RWE,RWE,RE,RE)
 
Total of 1 file.
$
$ sh log sys$sysdevice
   "SYS$SYSDEVICE" = "SEMMEL$DKA400:" (LNM$SYSTEM_TABLE)
$ sh dev dk
 
Device                  Device           Error    Volume         Free  Trans Mnt
 Name                   Status           Count     Label        Blocks Count Cnt
...
SEMMEL$DKA400:          Mounted              0  SYS083        11180704   344   1
$
 
TCPIP> map "/SYS083" dka400:
TCPIP> add export "/SYS083" /host=192.168.178.22
TCPIP> add proxy guest /uid=0 /gid=0 /host=192.168.178.22
 
Then on the Linux node a mount command should succeed:
 
# id
uid=0(root) gid=0(root) groups=0(root)
# mkdir /vmsnfs
# mount -o nolock 192.168.178.19:/SYS083 /vmsnfs
#
 
I used nolock only because I don't have the statd running on my Linux system. You probably have it running or should start it and omit the nolock option.
 
PS:
 
# ls /vmsnfs
ls: cannot open directory /vmsnfs: Permission denied
#
 
No surprise, the VMS GUEST account has no right to look at the MFD of the VMS disk.
 
# ls /vmsnfs/guest
ls: cannot access /vmsnfs/guest: No such file or directory
# 
 
Right, there is no such file "guest" and the "add export" didn't specify the TYPELESS_DIRECTORIES option.
 
# ls /vmsnfs/guest.dir
LOGIN.COM
#
 
Looks good to me. Now let us see your environment and commands...
 
Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation