nfs access to volumes with ntfs security mode

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

nfs access to volumes with ntfs security mode

Peter D. Gray
Hi toasters

We are migrating to cluster mode from 7 mode and having troubles
with NFS access to volumes also doing CIFS.


If I create a volume with NTFS security mode, and export aforesaid volume via
NFS to a client, the client cannot read the volume. The mount suceeds,
that is a filesystem handle is returned, but calls to access the directort fail,
with message "file temporarily unavailable on the server, retrying..."
The actual NFS error over the wire is is NFS3ERR_JUKEBOX. This is
as root on the client. Non-root just gets permission denied.

We have already set -ignore-nt-acl-for-root enabled
on the vserver.

The actuall settings on the vserver are:

                -access true \
                -v3 enabled \
                -udp enabled \
                -tcp enabled \
                -v4-id-domain its.uow.edu.au \
                -v4.0 enabled \
                -v4.1 enabled \
                -v4.0-acl enabled \
                -v4.1-acl enabled \
                -v4.0-read-delegation enabled \
                -v4.1-read-delegation enabled \
                -v4.0-write-delegation enabled \
                -v4.1-write-delegation enabled \
                -v4.1-pnfs enabled \
                -v4-numeric-ids enabled \
                -mount-rootonly enabled \
                -nfs-rootonly enabled \
                -showmount enabled \
                -vstorage disabled \
                -ignore-nt-acl-for-root enabled


So, what are we doing wrong or is this a bug?

Regards,
pdg

Peter Gray Ph (direct): +61 2 4221 3770
Information Management & Technology Services Ph (switch): +61 2 4221 3555
University of Wollongong Fax: +61 2 4229 1958
Wollongong NSW 2522 Email: [hidden email]
Australia URL: http://pdg.uow.edu.au
_______________________________________________
Toasters mailing list
[hidden email]
http://www.teaparty.net/mailman/listinfo/toasters
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: nfs access to volumes with ntfs security mode

Momonth
Hi,

Did you grant read-only access to "vol0" of the cDOT SVM?


On Thu, Jun 23, 2016 at 7:22 AM, Peter D. Gray <[hidden email]> wrote:

> Hi toasters
>
> We are migrating to cluster mode from 7 mode and having troubles
> with NFS access to volumes also doing CIFS.
>
>
> If I create a volume with NTFS security mode, and export aforesaid volume via
> NFS to a client, the client cannot read the volume. The mount suceeds,
> that is a filesystem handle is returned, but calls to access the directort fail,
> with message "file temporarily unavailable on the server, retrying..."
> The actual NFS error over the wire is is NFS3ERR_JUKEBOX. This is
> as root on the client. Non-root just gets permission denied.
>
> We have already set -ignore-nt-acl-for-root enabled
> on the vserver.
>
> The actuall settings on the vserver are:
>
>                 -access true \
>                 -v3 enabled \
>                 -udp enabled \
>                 -tcp enabled \
>                 -v4-id-domain its.uow.edu.au \
>                 -v4.0 enabled \
>                 -v4.1 enabled \
>                 -v4.0-acl enabled \
>                 -v4.1-acl enabled \
>                 -v4.0-read-delegation enabled \
>                 -v4.1-read-delegation enabled \
>                 -v4.0-write-delegation enabled \
>                 -v4.1-write-delegation enabled \
>                 -v4.1-pnfs enabled \
>                 -v4-numeric-ids enabled \
>                 -mount-rootonly enabled \
>                 -nfs-rootonly enabled \
>                 -showmount enabled \
>                 -vstorage disabled \
>                 -ignore-nt-acl-for-root enabled
>
>
> So, what are we doing wrong or is this a bug?
>
_______________________________________________
Toasters mailing list
[hidden email]
http://www.teaparty.net/mailman/listinfo/toasters
Loading...