Permissions for NFS Exports on Server 2012

I had been running Server 2003 on my Poweredge 860 supporting a RAID 5 volume for several years. Initially I just used SMB shares but later I installed Windows Services for UNIX and shared these using NFS. Many of you are aware I’m sure that server 2003 is nearing end of life. So I tried a couple of other solutions including FreeNAS but ended up with Server 2012 being my final choice.

I have set up the shares, and I can see the the IP of the NFS server from the OSMC GUI under Browse for New Share/Network File System (NFS) and when I browse the IP of the NFS server and see the different shares. However clicking the actual shares does nothing. I know that this is a permissions issue, and unfortunately I’m just not that clear on Windows/UNIX permissions.

On the Share I have selected No Server Authentication and Allow Unmapped User UNIX Access (by UID/GID).

I have created group and passwd files and copied them to the system32/drivers/etc folder.

GROUP
root:x:0:
pi:x:1000:
osmc:x:1001:

PASSWD
root:x:0:0:root:/root:/bin/sh
pi:x:1000:1000:pi:/home/pi:/bin/sh
osmc:x:1001:1001:osmc:/home/pi:/bin/sh

Is it now necessary to create corresponding Windows Server Accounts and Groups with the appropriate passwords?

Thanks for any help y’all can provide.

Are you trying to run an NFSroot on Windows Server? This will not work. See the Wiki for more information

Sam

Sam, I don’t believe that this is the case. The NFSroot I mean.

Trust me, it is. No Windows NFS (Hanewin, WS2Kx) clients can properly handle POSIX environments. Especially with the NTFS filesystem.

Sam

I actually did see the WIKI entry for NFS and Windows Servers but I didn’t find the information I needed. As I mentioned, I did have a similar setup working fine on Windows Server 2003.

What I meant to say here is that I’m not sure what you mean by “NFSroot”.

So you are simply trying to share your media via NFS correct?

Yes, and I had this working fine for years on Server 2003. I am certain that this all has to do with permissions.

I would agree. Surely Google can provide tons of info on your issue?

Yes, I have been googling my fingers off. Lots of information, unfortunately translating it seems to be an issue.

Hi

It’s been a while since I used NFS on WS2K12 (just Samba for now), but looking above again, I noticed you’ve given osmc a gid/uid of 1001. Can you change this to 1000? If you’re not using Raspbmc anymore, can you delete the ‘pi’ user and try it?

Sam

I have another RPI in another room running RASPBMC. I suppose what I should do is upgrade it to OSMC and then make the changes you suggest.

Thanks, I’ll try that.

Well, that didn’t do it. Now I’m starting to think that unmapped user access is going to be the best choice for my purpose.

Sam, I’ve been busy with some other things so I haven’t been working steady on this. However, I have setup the event viewer on my server so I can see what happens from the server side. On the OSMC client I go to add a source, select NFS and the IP of the server shows up, I click this and the shares show up. So I click on for example Music and event viewer on the server shows this new event;

Mount operation succeeded.

Address:192.168.1.122
Share:/Music

However on the client side I cannot browse any further and see the contents of Share:/Music.

So, now I am wondering what logs I can look at on the OSMC client to see what is going on client side, and how to get to such log files.

I would suggest the following

  • Enable debug logging in Kodi then use Log Uploader in My OSMC to upload logs
  • See if you can connect at the command line (via mount) command

Sam

OK, here is the link to my current log file.

http://xbmclogs.com/psdu2zsck

This seems to be the relevant part;

12:44:52 T:1774187552 NOTICE: Thread JobWorker start, auto delete: true
12:44:52 T:1774187552 ERROR: Failed to open(//) opendir call failed with “NFS: READDIRPLUS of / failed with NFS3ERR_ACCES(-13)”
12:44:52 T:1957093376 ERROR: GetDirectory - Error getting nfs://192.168.1.125/Music/
12:44:52 T:1957093376 ERROR: CGUIDialogFileBrowser::GetDirectory(nfs://192.168.1.125/Music/) failed

So, to test mounting the shares;

osmc@osmc:/$ sudo mount -t nfs -o ro 192.168.1.125:/Music /home/osmc/Music
osmc@osmc:/$ ls /home/osmc/Music
ls: cannot open directory /home/osmc/Music: Permission denied

Confirmed, Permissions problem.

So, how to fix the permissions problem…

Sam, once I use the mount command at the client, is there a way that I can display how the client sees the effective permissions?

I think you should try apply permissions for the highest root directory you can. Windows will then inherit the permissions further down if they are not set for the child directories

Sam

Pardon me if I sound a bit dense, but I think that you are saying that if \Music is a top level share then what ever permissions I apply there will be inherited by child directories and files.

I’m wondering if once I use the mount command at the client, is there a command I can run on the client to see the actual permissions of the mount as the client sees it?

OK, tried this and got this result;

osmc@osmc:/$ sudo mount -t nfs -o ro 192.168.1.125:/Music /home/osmc/Music
osmc@osmc:~$ ls -ald /home/osmc/Music
drwxr-xr-x 2 4294967294 4294967294 163840 May 23 22:01 /home/osmc/Music

So, this is telling me that nobody is the owner and nobody is the group, I think.

@sam my memory of this sort of change is you have to watch for the option to apply it for lower levels - otherwise it only gets carried down to subsequently created sub-entities.
Derek