Selective file permission errors on NFS mounted volumes

by techn0mad   Last Updated September 11, 2019 17:00 PM

I have two Red Hat 7 clients (one is RHEL, one is CentOS) NFS mounting a directory from a NetApp server. The RHEL client mounts the volume read-write, whereas the CentOS client mounts the volume read-only.

At the mount level, nothing appears to be wrong and the mounted filesystems behave as expected. Both clients are granted root access (no_root_squash) in the export rules on the NetApp, and the RHEL client is granted read-write access, and the CentOS client is granted read-only access.

selinux is disabled on both clients, the mount entries in /etc/fstab look like this for the two clients:

RHEL:

netapp1:/tools      /TOOLS  nfs defaults    0 0

CentOS:

netapp1:/tools     /tools                  nfs     hard,intr,ro    0 0

The mount details (output from mount) are as follows:

RHEL:

netapp1:/tools on /TOOLS type nfs4 (rw,relatime,vers=4.0,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=10.200.75.204,local_lock=none,addr=10.200.77.54)

CentOS:

netapp1:/tools on /tools type nfs4 (ro,relatime,vers=4.0,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=10.100.212.163,local_lock=none,addr=10.200.77.54)

The problem exhibits itself only with specific files, as shown below:

RHEL:

[[email protected] ssh]# ls -al
total 168
drwxr-xr-x  2 root root   4096 Nov  5  2014 .
drwxr-xr-x 66 root root  12288 Nov  5  2014 ..
-rw-r--r--  1 root root 125749 Apr  2  2014 moduli
-rw-r--r--  1 root root   1669 Apr  2  2014 ssh_config
-rw-r--r--  1 root root   2453 Nov  5  2014 sshd_config
-rw-------  1 root root    668 Nov  5  2014 ssh_host_dsa_key
-rw-r--r--  1 root root    602 Nov  5  2014 ssh_host_dsa_key.pub
-rw-------  1 root root   1675 Nov  5  2014 ssh_host_rsa_key
-rw-r--r--  1 root root    394 Nov  5  2014 ssh_host_rsa_key.pub
[[email protected] ssh]# cat sshd_config | wc -l
86
[[email protected] ssh]# cat ssh_host_dsa_key | wc -l
12
[[email protected] ssh]# id
uid=0(root) gid=0(root) groups=0(root)

This is the expected result.

CentOS:

[[email protected] ssh]# ls -al
total 168
drwxr-xr-x  2 root root   4096 Nov  5  2014 .
drwxr-xr-x 66 root root  12288 Nov  5  2014 ..
-rw-r--r--  1 root root 125749 Apr  2  2014 moduli
-rw-r--r--  1 root root   1669 Apr  2  2014 ssh_config
-rw-r--r--  1 root root   2453 Nov  5  2014 sshd_config
-rw-------  1 root root    668 Nov  5  2014 ssh_host_dsa_key
-rw-r--r--  1 root root    602 Nov  5  2014 ssh_host_dsa_key.pub
-rw-------  1 root root   1675 Nov  5  2014 ssh_host_rsa_key
-rw-r--r--  1 root root    394 Nov  5  2014 ssh_host_rsa_key.pub
[[email protected] ssh]# cat sshd_config | wc -l
86
[[email protected] ssh]# cat ssh_host_dsa_key | wc -l
cat: ssh_host_dsa_key: Permission denied
0
[[email protected] ssh]# id
uid=0(root) gid=0(root) groups=0(root)

Here we see that with the root ID, we have the expected access to some files, but for specific files, we do not have access even though the permissions shown should allow access.

I'd welcome any clues or ideas on how to further debug this issue.



Related Questions


Updated February 10, 2017 14:00 PM

Updated December 27, 2015 09:00 AM

Updated February 23, 2017 15:00 PM

Updated September 21, 2015 22:00 PM

Updated October 19, 2015 16:00 PM