No permission to read from NFS as user

Discussion about using NAS on Linux and Unix OS.
Post Reply
msssm
New here
Posts: 4
Joined: Wed Mar 17, 2021 4:11 pm

No permission to read from NFS as user

Post by msssm » Wed Mar 17, 2021 4:42 pm

TS-110
Version: 4.2.6

Hello,

I can mount the NFS share from my Linux, but have no permission as user.

I created a user msm, permission for share /Download is RW, applied to all subfolders.
User and group permission for Download is Read/Write for users "admin" and "msm".
NFS-Settings are ALLS_QUASH to UID of msm. Allowed IPs are *.

/etc/exports is now:

Code: Select all

[~] # cat /etc/exports 
"/share/HDA_DATA/Download" *(rw,async,no_subtree_check,insecure,all_squash,anonuid=500,anongid=100)

[~] # ls -al /share/HDA_DATA/Download
drwxrwxrwx    3 admin    administ      4096 Mar 16 10:32 ./
drwxrwxrwx   32 admin    administ      4096 Dec  1 14:36 ../
drwxrwx---    2 admin    administ      4096 Jan 23  2018 @Recycle/
-rwxrwx---    1 admin    administ 3268147200 Nov 28  2015 backup.iso*

[~] # grep msm /etc/passwd 
msm:x:500:100:Linux User,,,:/share/homes/msm:/bin/sh

[~] # grep msm /etc/group  
users:x:101:msm
From filesystem view, the user msm has no permission as it is no member of group admin. I also tried to add the user to the admin group, but this did not solve it either.

On the Linux client it looks like:

Code: Select all

$ ls -al /mnt/lan/Download/
total 5641828
drwxrwxrwx 3 root root       4096 16. Mär 10:32 .
drwxr-xr-x 9 root root          0 17. Mär 07:12 ..
-rwxrwx--- 1 root root 3268147200 28. Nov 2015  backup.iso

$ mount |grep Download
nas:/Download on /mnt/autofs/lan/Download type nfs (rw,relatime,vers=3,rsize=32768,wsize=32768,namlen=255,soft,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.8.200,mountvers=3,mountport=30000,mountproto=udp,local_lock=none,addr=192.168.8.200)

$ md5sum /mnt/lan/Download/backup.iso
md5sum: /mnt/lan/Download/backup.iso: Permission denied
Before messing around on the terminal, how would I solve this from the QNAP gui?

grouillier
Starting out
Posts: 18
Joined: Mon Apr 19, 2021 11:47 am

Re: No permission to read from NFS as user

Post by grouillier » Mon May 17, 2021 4:15 pm

I've only had my first QNAP NAS - a TS-230 - for about a week, so I'm new to all of this. I've been trying to figure out NFS access for my LInux systems for the last day or so, and I've got it working for my limited needs. Here's what I learned so far. Users and groups permissions is not for NFS. It states specifically when that permission type is selected: "Edit the user and group permissions for access from Windows, MAC, FTP, and File Station."

So, as far as I'm understanding, the only permissions that affect NFS access are those showing when you change Select permission type to "NFS host access". On my system, I don't have any other type of authentication configured (e.g, Kerberos), so the Security column says sys, and I can't change it. I've configured the folder permissions to allow read-write access to my user id. I then connected to NFS as that user id, and was able to copy files to the share for which that user id had been granted access. Those files are showing my user id and my group id as the owner.

Looking at your listings, I don't see that you've done a root squash, so the admin account is storing file under it's own uid and groupid. I would suggest you only connect via your msm account, so that all files (and subdirectories) end up with msm:msm as the owner and group owner, respectively. Then you should be able to execute your md5sum successfully.

You can simply run "chown -R msm:msm *" as admin to change ownership of existing files in the download directory. Hope this helps.
TS-230, QTS 4.5.3, single 3 TB Western Digital Red Plus

serpro69
Starting out
Posts: 13
Joined: Sun Jan 17, 2021 5:18 pm

Re: No permission to read from NFS as user

Post by serpro69 » Thu Jul 22, 2021 3:19 pm

grouillier wrote:
Mon May 17, 2021 4:15 pm
I've configured the folder permissions to allow read-write access to my user id. I then connected to NFS as that user id, and was able to copy files to the share for which that user id had been granted access. Those files are showing my user id and my group id as the owner.
Hi,

I'm having the same issue. How exactly did you configure folder permissions for RW access to your user id? The only way I can make this work is if I make my user the owner of the folder. But giving my user RW rights while some other user (e.g. admin) is the owner - does not work.

Thanks.

grouillier
Starting out
Posts: 18
Joined: Mon Apr 19, 2021 11:47 am

Re: No permission to read from NFS as user

Post by grouillier » Thu Jul 22, 2021 6:59 pm

I'm having the same issue. How exactly did you configure folder permissions for RW access to your user id? The only way I can make this work is if I make my user the owner of the folder. But giving my user RW rights while some other user (e.g. admin) is the owner - does not work.
I'm using my NAS only as a file backup server for my home network. So, making my user id owner of the folder is an acceptable option.

However, to allow the owner of the folder to be different than your user id, you'll need to understand how Linux (really, Unix) permissions work. I don't want to go into great detail if you already have experience with this, but basically, Linux defines permissions for the user, group and other (every one who is not either the user or in the group). The folder permissions determine who has read-write permissions to the files within the folder.

So, if your user id is *not* the owner of the folder, then (1) if your user id is in the same group as the owner, you can give write permission of the folder to the group, and your user id will be able to create files within that folder. (2) if your user id is *not* in the same group as the owner, then you will have to give write permission for the folder to "other". You will also need to grant execute permissions to the folder to allow your user id to enter that folder.

Hope this helps.
TS-230, QTS 4.5.3, single 3 TB Western Digital Red Plus

Post Reply

Return to “Linux & Unix (NFS)”