Skip to main content
Unix & Linux

Return to Revisions

4 of 14
added 127 characters in body
lampShadesDrifter
lampShadesDrifter
  • 211
  • 2
  • 5
  • 14

mount.nfs4: access denied by server while mounting (when same configs previously worked fine)

Trying to remount a set of nfs folders onto a server that was restarted, am now getting "access denied by server" errors. On client server (clientserver.co.local) I ran:

[root@clientserver ~]# mount -t nfs -vvvv 172.18.4.97:/datalake/raw/org /datalake/org/raw/ mount.nfs: timeout set for Wed Dec 30 19:41:35 2020 mount.nfs: trying text-based options 'vers=4.1,addr=172.18.4.97,clientaddr=172.18.4.98' mount.nfs: mount(2): Permission denied mount.nfs: trying text-based options 'vers=4.0,addr=172.18.4.97,clientaddr=172.18.4.98' mount.nfs: mount(2): Permission denied mount.nfs: trying text-based options 'addr=172.18.4.97' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 172.18.4.97 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=17 mount.nfs: trying 172.18.4.97 prog 100005 vers 3 prot UDP port 20048 mount.nfs: mount(2): Permission denied mount.nfs: access denied by server while mounting 172.18.4.97:/datalake/raw/org

and got the error you see above. (Notice it tries all the different versions of nfs and still fails).

I ran tcmpdump to monitor the packet traffic during the mount command (based on the advice here), but have no idea how to interpret the logs (could post something like last 10 lines if that would help).

Checking the mounts on the network from the hosting nfsserver.co.local server on the client, I saw:

[root@clientserver ~]# showmount -e Export list for clientserver.co.local: [root@clientserver ~]# showmount -e 172.18.4.97 Export list for 172.18.4.97: /datalake/raw/org/HI_BRFSS clientserver.co.local,otherclient.co.local /datalake/raw/org clientserver.co.local,otherclient.co.local /datalake/analytics/org clientserver.co.local,otherclient.co.local [root@clientserver ~]# service nfs status Redirecting to /bin/systemctl status nfs.service ● nfs-server.service - NFS server and services Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled) Active: active (exited) since Wed 2020-12-30 18:32:09 HST; 11min ago Process: 93274 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS) Process: 93271 ExecStopPost=/usr/sbin/exportfs -au (code=exited, status=0/SUCCESS) Process: 93266 ExecStop=/usr/sbin/rpc.nfsd 0 (code=exited, status=0/SUCCESS) Process: 93307 ExecStartPost=/bin/sh -c if systemctl -q is-active gssproxy; then systemctl reload gssproxy ; fi (code=exited, status=0/SUCCESS) Process: 93290 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS) Process: 93288 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS) Main PID: 93290 (code=exited, status=0/SUCCESS) Tasks: 0 CGroup: /system.slice/nfs-server.service Dec 30 18:32:09 clientserver.co.local systemd[1]: Starting NFS server and services... Dec 30 18:32:09 clientserver.co.local systemd[1]: Started NFS server and services.

So everything looks like how I would think it's supposed to (showmount does show the nfs folder I am trying to mount).

I can ping the nfsserver machine by both name and IP address from the client (and vice versa from the nfsserver machine).

Looking on the nfsserver server, I see:

[root@nfsserver ~]# cat /etc/exports /datalake/analytics/org otherclient(rw,no_root_squash,sync) clientserver(rw,root_squash,sync) /datalake/raw/org otherclient(rw,no_root_squash,sync) clientserver(ro,root_squash,sync) /datalake/raw/org/HI_BRFSS otherclient(ro,no_root_squash,sync) clientserver(ro,root_squash,sync) [root@nfsserver ~]# exportfs -rav exporting otherclient.co.local:/datalake/raw/org/HI_BRFSS exporting clientserver.co.local:/datalake/raw/org/HI_BRFSS exporting otherclient.co.local:/datalake/raw/org exporting clientserver.co.local:/datalake/raw/org exporting otherclient.co.local:/datalake/analytics/org exporting clientserver.co.local:/datalake/analytics/org [root@nfsserver ~]# systemctl status nfs ● nfs-server.service - NFS server and services Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; enabled; vendor preset: disabled) Active: active (exited) since Wed 2020-12-30 18:38:00 HST; 22min ago Process: 135417 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS) Process: 135414 ExecStopPost=/usr/sbin/exportfs -au (code=exited, status=0/SUCCESS) Process: 135412 ExecStop=/usr/sbin/rpc.nfsd 0 (code=exited, status=0/SUCCESS) Process: 135447 ExecStartPost=/bin/sh -c if systemctl -q is-active gssproxy; then systemctl reload gssproxy ; fi (code=exited, status= 0/SUCCESS) Process: 135430 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS) Process: 135428 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS) Main PID: 135430 (code=exited, status=0/SUCCESS) CGroup: /system.slice/nfs-server.service Dec 30 18:38:00 nfsserver.co.local systemd[1]: Starting NFS server and services... Dec 30 18:38:00 nfsserver.co.local systemd[1]: Started NFS server and services.

So again, everything seems to be configured as needed. (I have seen some answers that recommend a specific configuration for /etc/exports but I'd prefer to keep as is and this configuration was working up until now).

Anyone with more experience know what could be going wrong here? Any further debugging advice / info to add that would make this question better?

lampShadesDrifter
  • 211
  • 2
  • 5
  • 14