From owner-freebsd-net@freebsd.org Fri Aug 16 10:42:25 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4F170C829A for ; Fri, 16 Aug 2019 10:42:25 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from zxy.spb.ru (zxy.spb.ru [195.70.199.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4690JJ0q1yz45TQ for ; Fri, 16 Aug 2019 10:42:23 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from slw by zxy.spb.ru with local (Exim 4.86 (FreeBSD)) (envelope-from ) id 1hyZgc-0001bh-6O; Fri, 16 Aug 2019 13:42:22 +0300 Date: Fri, 16 Aug 2019 13:42:22 +0300 From: Slawa Olhovchenkov To: Alexander Lunev Cc: freebsd-net@freebsd.org Subject: Re: NFSv4 without Kerberos Message-ID: <20190816104222.GN47119@zxy.spb.ru> References: <522283ee-dc4b-6439-fb05-7254511a214b@zato.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <522283ee-dc4b-6439-fb05-7254511a214b@zato.ru> User-Agent: Mutt/1.5.24 (2015-08-30) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: slw@zxy.spb.ru X-SA-Exim-Scanned: No (on zxy.spb.ru); SAEximRunCond expanded to false X-Rspamd-Queue-Id: 4690JJ0q1yz45TQ X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of slw@zxy.spb.ru has no SPF policy when checking 195.70.199.98) smtp.mailfrom=slw@zxy.spb.ru X-Spamd-Result: default: False [-0.77 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.71)[-0.712,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-0.76)[-0.764,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[zxy.spb.ru]; AUTH_NA(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.19)[-0.195,0]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:5495, ipnet:195.70.192.0/19, country:RU]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(0.00)[country: RU(0.01)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Aug 2019 10:42:25 -0000 On Fri, Aug 16, 2019 at 01:05:27PM +0300, Alexander Lunev via freebsd-net wrote: > Hello everyone! > > I'm trying to build diskless system with some mounts done by NFSv4, and > i can't figure out how to mount share without kerberos, with -sec=sys > flavour. Doing all by handbook, on server i have: > > > server's /etc/rc.conf (part of it): > ifconfig_em1="inet 10.101.0.1/24" > nfs_server_enable="YES" > nfsuserd_enable="YES" > nfsv4_server_enable="YES" > > server's /etc/exports > > /mnt/diskless10 -network 10.101.0 -mask 255.255.255.0 > V4: /mnt/v4share -sec=sys -network 10.101.0 -mask 255.255.255.0 > > > client's /etc/rc.conf: > > hostname="netboot_v4.local" > nfsuserd_enable="YES" > nfs_client_enable="YES" > hostid_enable="NO" > > > Client is diskless, it mounts /mnt/diskless10 as read-only NFS root (rw > mount don't change anything), system is booted just fine. When on client > i'm trying to mount NFSv4 share from server: > > root@netboot_v4: ~# mount_nfs -o nfsvers=4 10.101.0.1:/mnt/v4share /var/mnt > [tcp] 10.101.0.1:/mnt/v4share: Permission denied try `mount_nfs -o nfsvers=4 10.101.0.1:/ /var/mnt` > In server's /var/log/messages: > > Aug 14 21:06:58 virt mountd[7392]: mount request denied from 10.101.0.20 > for /mnt/v4share > > There is no other messages. Tried to search web - there's stories about > successful mount in kerberized environment (and me myself got this done > at another place, mounted share from FreeBSD on Ubuntu by NFSv4 just > fine), but i don't want kerberos complexity in this system. > > How can I debug mount process on client and on server? > > -- > Best regards, > Alexander Lunev > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"