NFSv4 – Read Only File System Issue

From NFS server ( exported as below:

/exports, no_root_squash, async, fsid=0)
/exports/Mount, no_root_squash, async)
On NFS client (

#mount -vvv -t nfs4 -o rw,no_root_squash,async /mnt/temp
#cd /mnt/temp
#touch test.txt ( showing read-only file system which is fine).
#cd /mnt/temp/Mount
#touch test.txt ( showing read-only file system which is not ok).

Things that we need to check:

  1. On the NFS server after updating “/etc/export” file and running “exportfs -vra” is not enough. You also need to mount using below command
#mount --bind <actual/real folder path> <folderpath mentioned in export>

2. fsid=0 is for root mount.

An NFSv4 client now has the ability to see all of the exports served by the NFSv4 server as a single file system, called the NFSv4 pseudo-file system. On Red Hat Enterprise Linux, the pseudo-file system is identified as a single, real file system, identified at export with the fsid=0 option.

3. “root_squash”

By default, NFS shares change the root user to the nfsnobody user, an unprivileged user account. This changes the owner of all root-created files to nfsnobody, which prevents uploading of programs with the setuid bit set.
If no_root_squash is used, remote root users are able to change any file on the shared file system and leave applications infected by Trojans for other users to inadvertently execute




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s