# NFS share blocked based on user?

## hasues

I have three hosts.  One is the nfs server, and two are nfs clients.  On one of the clients, logged in as my user id, I can not access the data on that share.

On the client with the user having the issue:

      [myuser] $ cd /home                                                            

      [myuser] $ ls

      myuser  photos

      [myuser] $ ls -la                                                              

      total 24

      drwxr-xr-x   4 root   root      4096 Nov 19  2009 .

      drwxr-xr-x  22 root   root      4096 Aug 24 01:32 ..

      drwxr-xr-x 150 myuser users     4096 Aug 26 18:55 myuser

      -rw-r--r--   1 root   root         0 Aug  3  2006 .keep

      drwxrwx--x 176   1023 pixpeeps 12288 Aug 20 19:39 photos

      [myuser] $ mount |grep nfs                                                      

      mindpaint:/home/photos on /home/photos type nfs (ro,addr=192.168.74.1)

      [myuser] $ cd photos                                                            

      [myuser] $ ls                                                            

      ls: cannot open directory .: Permission denied

      [myuser] $ groups

      disk wheel floppy uucp audio cdrom dialout video games cdrw usb users vboxusers plugdev scanner wireshark pixpeeps

    [myuser] $ cd ..                                                                

    [myuser] $ sudo useradd -g pixpeeps -s /bin/bash testuser

      Password:

    [myuser] $ sudo passwd testuser                                                

      New password:

      Retype new password:

      passwd: password updated successfully

    [myuser] $ su - testuser                                                        

      Password:

      No directory, logging in with HOME=/

    testuser@myhost / $ cd /home/photos

    testuser@myhost /home/photos $ ls

      2002 Christmas

      2003 Christmas

    testuser@myhost /home/photos $

So I think this proves that the client works correctly on this host.  As shown the user is in the appropriate group, but for whatever reason this user can not access the data on the share.  If I create a user and put it in the same group, it works fine.  The only thing I can think that changed is that the host was updated recently.  This used to work fine.

/etc/fstab contains:

  192.168.74.1:/home/photos  /home/photos    nfs        ro                        0 0

I'm stumped.  Is something in policy kit preventing it?  Pam?  My user on the third host, another client, works correctly there...the UIDs and GIDs match in the /etc/passwd and /etc/group files on all hosts.

----------

## eccerr0r

Did you try rebooting/relogin on the client?

Does running 'newgrp pixpeeps' before cd'ing into the directory help?  (Then client reboot/relogin may help)

----------

## Hu

Your user's first sixteen groups do not contain pixpeeps.  If I recall correctly, a protocol limitation causes only your first sixteen groups to be sent when checking access permissions.

----------

## hasues

A reboot shouldn't be needed because the client does work...the addition of a user proves such, and if anything it would prove there is something wrong with the user...the host was rebooted once as I wanted to make sure that I had the correct options in the nfs module.

As far as the number of groups, that appears to be the issue because if these groups are sent in ascending order of gid, pixpeeps would be last, and I recently added that user to the uucp group.  I removed the disk group because I don't think the user needs access to the disk group.  Thank you both for your help.  I spent all day and all night looking that up, and it was mind boggling.

Haz

----------

