# NFS Permissions Problems---Show your wizadry

## Woland

O. K., I've searched the fora, re-read the HOWTO, but I am still stumped.  I get the 'mount: RPC: Program not registered' error every time I try to mount an NFS partion.

I've emerged everything I need to emerge, and nfs is running in my default run level.  When I run rpcinfo -p on my server I get:

```

program vers proto   port

    100000    2   tcp    111  portmapper

    100000    2   udp    111  portmapper

    100024    1   udp  32779  status

    100024    1   tcp  32801  status

    100003    2   udp   2049  nfs

    100003    3   udp   2049  nfs

    100003    2   tcp   2049  nfs

    100003    3   tcp   2049  nfs

    100021    1   udp  32780  nlockmgr

    100021    3   udp  32780  nlockmgr

    100021    4   udp  32780  nlockmgr

    100021    1   tcp  32802  nlockmgr

    100021    3   tcp  32802  nlockmgr

    100021    4   tcp  32802  nlockmgr

    100005    1   udp  32781  mountd

    100005    1   tcp  32803  mountd

    100005    2   udp  32781  mountd

    100005    2   tcp  32803  mountd

    100005    3   udp  32781  mountd

    100005    3   tcp  32803  mountd

```

Among the processes I have running on my host are:

```

4991 ?        00:00:00 portmap

 5157 ?        00:00:00 rpc.statd

 5166 ?        00:00:00 nfsd

 5168 ?        00:00:00 nfsd

 5169 ?        00:00:00 nfsd

 5170 ?        00:00:00 nfsd

 5167 ?        00:00:00 lockd

 5171 ?        00:00:00 rpciod

 5172 ?        00:00:00 nfsd

 5173 ?        00:00:00 nfsd

 5174 ?        00:00:00 nfsd

 5175 ?        00:00:00 nfsd

 5179 ?        00:00:00 rpc.mountd

```

I did a tcp dump with ethereal, and the resultant file may be found here:

http://www.momus.net/NFS-error.eth

I have portmap and nfsmount started on my client.

```

20197 ?        00:00:00 portmap

9830 ?        00:00:00 rpc.statd

```

show up on my client.

So, any ideas at all?

PS: The clent is my NAT/router, its external IP is the one that begins with 209.  Internally, its IP is 10.1.1.1  My NFS server has only one eth card, 10.1.1.2Last edited by Woland on Wed Apr 09, 2003 5:18 am; edited 1 time in total

----------

## Praxxus

Check /etc/services for the mount entry:

mount           635/udp                         # NFS Mount Service

----------

## Woland

thank you for such a speedy reply.

 *Praxxus wrote:*   

> Check /etc/services for the mount entry:
> 
> mount           635/udp                         # NFS Mount Service

 

Nope, it sure was not there.  I added it to both the client and server, and still had same problem.  (I even rebooted the server and went from init 3 to 1 and back again on the client for good measure.)

So, what can I do next?

----------

## Woland

Well, I came up with a solution, but it was both strange and unsatisfying.  First, getting rid of hosts.deny on the server (and yes, I tried as hard as I could to make hosts.allow work) got rid of the

"RPC: Program not registered" error, only to replace it with the more familiar permission denied error.

Well, this I knew to be a problem with the /etc/exports, so I spent the next four hours fiddling with them.   I have a very simple network set up:  the NAT gateway, also the NFS client on 10.1.1.1 and the NFS server, also my workstation, at 10.1.1.2  Simple, you would think?  But no, nothing worked untill I made the exported directories world accessable.  Then all worked like a charm.  But, this is not the most satisfactory solution, even though on my tiny network, I do not have many security concerns as such.

So, if anyone has a clue as to what is going on, please, do tell.

----------

## dol-sen

I have just setup a couple nfs servers and clients for my small network at home but did not encounter those problems.   I did try to use machine hostnames as suggested would work but didn't, but in the nfs howto it says to use correct ip#'s, which did work.   I mostly setup one machine for the /usr/portage directory, used no_root_squash so all machines could add/update the tree & distfiles.    I setup another to try installing gentoo on an old slow machine with a 1.2 gig HD for a replacement firewall, using several nfs mounts for different directories for /tmp, etc., but something messed up and it segfaults on nearly anything. 

Sorry I can't help much,  Brian

----------

## Woland

 *Quote:*   

>  I did try to use machine hostnames as suggested would work but didn't, but in the nfs howto it says to use correct ip#'s, which did work.

 

I did not even bother with machene names, just went for the numbers.  The frustrating thing was that I could see that I set up the direcories correctly in proc/fs/nfs/exports, but the machene would just not hook up.

Now that I set them to world readable, proc/fs/nfs/exports shows that my gateway machene is hooked up alright---except that it is the outside interface which seems to have them mounted!!!!!

```

/usr/portage    eudaemon.momus.net(ro,insecure,no_root_squash,sync,wdelay) # 10.1.1.2

/home   komos.momus.net(rw,insecure,no_root_squash,sync,wdelay) # 10.1.1.1

/var/tmp/portage        209-112-170-111-cdsl-rb1.nwc.acsalaska.net(rw,insecure,no_root_squash,async,wdelay) # 209.112.170.111

/home   209-112-170-111-cdsl-rb1.nwc.acsalaska.net(rw,insecure,no_root_squash,sync,wdelay) # 209.112.170.111

/usr/portage    209-112-170-111-cdsl-rb1.nwc.acsalaska.net(rw,insecure,no_root_squash,sync,wdelay) # 209.112.170.111
```

How weird is that!

My network is 

[10.1.1.2]<-------->[10.1.1.1<-NAT-MASQ-> 209.112.170.111]<-------->Interntet

Why would the 10.1.1.2 NFS server not allow a specified 10.1.1.1 client!  Pinging, ftp, ssh work just fine, so where could the problem be?

----------

## Praxxus

Ooof . . . .

Does each machine have the proper /etc/hosts entry?  Machine 1 should be in Machine2's hosts file, and vice versa.

----------

## Woland

 *Praxxus wrote:*   

> Ooof . . . .
> 
> Does each machine have the proper /etc/hosts entry?  Machine 1 should be in Machine2's hosts file, and vice versa.

 

Yep, that is all set up correctly, & I didn't bother with  hostnames in my exports file, just the IP addresses; but you are right, that is one of the things I checked.

Praxis is the essence of Man ---Karl Marx

----------

## wHAcKer

i had the exact same problem.

i even went for a bigger risk (i have a really small lan (only 3 pc's now and a hardware router connects us to the i'net)) by only making a hosts.allow but i couldn't mount it (permission denied) until i made it world writeable...

strange things going on round here  :Smile: 

----------

## wHAcKer

addition: when i made it world writeable it mounted in less then a second whereas i used to have to wait about a minute or so for a dir to get mounted over nfs, but that could 've been due to my bad configging skills  :Very Happy: 

----------

