moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

raspberrypi nfs is mounted as root

Thu Jan 18, 2018 4:53 pm

Hi,
i'm running nfs on the raspberrypi and connecting to it from my laptop(arch linux) but when i mount the nfs in arch i can't access to files because they are all owned by root (although even if i use sudo i can't even list the content of the folders)

on the raspberrypi side:
my /etc/exports:

Code: Select all

/media/pi/ 192.168.88.0/24(rw,sync)
this is the permission of my shared folder(i'm interested in hd1 folder which is owned by pi)

Code: Select all

drwxr-xr-x   3 pi   pi   16384 Jan  1  1970 boot_lede3
drwxr-xr-x  34 pi   pi    4096 Jan  9 06:21 hd1
drwxr-xr-x  18 root root  4096 Dec  5 15:59 root_lede3
drwxr-xr-x   5 root root  1024 Dec 18 15:55 SETTINGS

on the archlinux side :


my /etc/fstab:

Code: Select all

192.168.88.251:/media/pi        /home/mohammad/mnt      nfs     users,user      0       0
after mounting

Code: Select all

mount /home/mohammad/mnt

Code: Select all

▶ ls -la /home/mohammad/mnt          
total 24
drwxr-x---  6 mohammad mohammad 4096 Jan 18 10:23 .
drwx------ 26 mohammad mohammad 4096 Jan 18 19:53 ..
drwx------  2 root     root     4096 Jan 18 10:23 boot_lede3
drwx------  2 root     root     4096 Jan 18 10:23 hd1
drwx------  2 root     root     4096 Jan 18 10:23 root_lede3
drwx------  2 root     root     4096 Jan 18 10:23 SETTINGS

~                                                                                                                                              
▶ ls -la /home/mohammad/mnt/hd1
ls: cannot open directory '/home/mohammad/mnt/hd1': Permission denied


User avatar
DougieLawson
Posts: 33815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Fri Jan 19, 2018 5:50 pm

/etc/exports

Code: Select all

/media/pi 192.168.88.0/24(rw,sync,no_subtree_check,no_root_squash)
Mount command: mount -t nfs -o vers=3 192.168.88.251:/media/pi /home/mohammad/mnt
Or /etc/fstab

Code: Select all

192.168.88.251:/media/pi /home/mohammad/mnt nfs vers=3 0 0
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Fri Jan 19, 2018 6:38 pm

DougieLawson wrote:
Fri Jan 19, 2018 5:50 pm
/etc/exports

Code: Select all

/media/pi 192.168.88.0/24(rw,sync,no_subtree_check,no_root_squash)
Mount command: mount -t nfs -o vers=3 192.168.88.251:/media/pi /home/mohammad/mnt
Or /etc/fstab

Code: Select all

192.168.88.251:/media/pi /home/mohammad/mnt nfs vers=3 0 0
I tried your solution and unfortunately the mounted files are still owned by the root, also i would prefer to use nfs 4

ejolson
Posts: 1898
Joined: Tue Mar 18, 2014 11:47 am

Re: raspberrypi nfs is mounted as root

Fri Jan 19, 2018 7:34 pm

moham_96 wrote:
Fri Jan 19, 2018 6:38 pm
I tried your solution and unfortunately the mounted files are still owned by the root, also i would prefer to use nfs 4
If the files are owned by root on the Pi, then they will be owned by root when mounted over NFS on the laptop. I think you may have more luck with samba than NFS v4.

User avatar
DougieLawson
Posts: 33815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Fri Jan 19, 2018 11:38 pm

That's the main selling point for NFS. The file ownership and permissions are carried across the network.

The answer is to create a pi userid/group on the system with the exports then you can set the permssions on there and your RPi will then "just work". CIFS/Samba is an ugly cludge and isn't the ideal solution.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Sat Jan 20, 2018 7:24 am

ejolson wrote:
Fri Jan 19, 2018 7:34 pm
moham_96 wrote:
Fri Jan 19, 2018 6:38 pm
I tried your solution and unfortunately the mounted files are still owned by the root, also i would prefer to use nfs 4
If the files are owned by root on the Pi, then they will be owned by root when mounted over NFS on the laptop. I think you may have more luck with samba than NFS v4.
The files are not owned by root they are owned by pi user

Code: Select all

  ~ ls -la /media/pi/   
total 33
drwxr-x---+  6 pi   pi    4096 Jan 19 08:39 .
drwxr-xr-x   3 root root  4096 Nov 29 02:56 ..
drwxr-xr-x   3 pi   pi   16384 Jan  1  1970 boot_lede3
drwxr-xr-x  34 pi   pi    4096 Jan 20 07:22 hd1
drwxr-xr-x  18 root root  4096 Dec  5 15:59 root_lede3
drwxr-xr-x   5 root root  1024 Dec 18 15:55 SETTINGS
i'm currently using samba and would like to migrate to nfs because for me samba/cifs seems unstable, also i use linux on all my devices so i think nfs is more rational than a microsoft protocol

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Sat Jan 20, 2018 7:26 am

DougieLawson wrote:
Fri Jan 19, 2018 11:38 pm
That's the main selling point for NFS. The file ownership and permissions are carried across the network.

The answer is to create a pi userid/group on the system with the exports then you can set the permssions on there and your RPi will then "just work". CIFS/Samba is an ugly cludge and isn't the ideal solution.
Do you mean that i create 'pi' user in my archlinux machine and mount using this user? i already tried it and still the files are not read by the normal user

User avatar
DougieLawson
Posts: 33815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Sat Jan 20, 2018 9:01 am

moham_96 wrote:
Sat Jan 20, 2018 7:26 am
DougieLawson wrote:
Fri Jan 19, 2018 11:38 pm
That's the main selling point for NFS. The file ownership and permissions are carried across the network.

The answer is to create a pi userid/group on the system with the exports then you can set the permssions on there and your RPi will then "just work". CIFS/Samba is an ugly cludge and isn't the ideal solution.
Do you mean that i create 'pi' user in my archlinux machine and mount using this user? i already tried it and still the files are not read by the normal user
No I mean create a pi user on the Arch machine (with uid=1000, gid=1000), use chmod/chown to allow that user or the pi group access to the files you need to share. Then everything is mounted by root on the raspberry but because the uid/gid matches the pi user can read/update/execute files as expected.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Sun Jan 21, 2018 2:01 pm

DougieLawson wrote:
Sat Jan 20, 2018 9:01 am
No I mean create a pi user on the Arch machine (with uid=1000, gid=1000), use chmod/chown to allow that user or the pi group access to the files you need to share.
I'm not trying to share arch machine files to the raspberry pi it's the other way(the files are in the raspberrypi where the nfs server is running), the arch machine is the nfs client not the server

User avatar
thagrol
Posts: 858
Joined: Fri Jan 13, 2012 4:41 pm
Location: Darkest Somerset, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Sun Jan 21, 2018 4:52 pm

moham_96 wrote:
Sun Jan 21, 2018 2:01 pm
DougieLawson wrote:
Sat Jan 20, 2018 9:01 am
No I mean create a pi user on the Arch machine (with uid=1000, gid=1000), use chmod/chown to allow that user or the pi group access to the files you need to share.
I'm not trying to share arch machine files to the raspberry pi it's the other way(the files are in the raspberrypi where the nfs server is running), the arch machine is the nfs client not the server
There's a couple of ways though one is infintely better than the other (and also might be more fiddly).

The right way: on the arch machine create a user pi with uid 1000 and a group pi with gid 1000. This may involve chaning IDs for an existing user and/or group. Once you've done that add any arch users you want to have access to the Pi's exported files to the pi group. The pi user on the arch machine does not need a home directory or login shell.

The wrong way: change permissions on every file and directory you're exporting so that they give full read/write (and execute on directories) permission to all users. Huge security hole so not at all recommended.

A third way: on both the arch box and the pi create a new group names doesn't matter but must be the same on both as must the gid. Add your users on both machines to the new group. Change the goups of the exported files/directories to the new group. The downside of this approach is that you'll need to manually change the group of any new files you create in the export bfore you can access them.
Note to self: don't feed the trolls
If you believe "L'enfer, c'est les autres" (Hell is other people) have you considered that it may be of your own making?

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Sun Jan 21, 2018 6:57 pm

thagrol wrote:
Sun Jan 21, 2018 4:52 pm
There's a couple of ways though one is infintely better than the other (and also might be more fiddly).

The right way: on the arch machine create a user pi with uid 1000 and a group pi with gid 1000. This may involve chaning IDs for an existing user and/or group. Once you've done that add any arch users you want to have access to the Pi's exported files to the pi group. The pi user on the arch machine does not need a home directory or login shell.

The wrong way: change permissions on every file and directory you're exporting so that they give full read/write (and execute on directories) permission to all users. Huge security hole so not at all recommended.

A third way: on both the arch box and the pi create a new group names doesn't matter but must be the same on both as must the gid. Add your users on both machines to the new group. Change the goups of the exported files/directories to the new group. The downside of this approach is that you'll need to manually change the group of any new files you create in the export bfore you can access them.

Tried the first way and it didnt work, the files still show as owned by root and the strange thing is that even root can't list or read them

User avatar
thagrol
Posts: 858
Joined: Fri Jan 13, 2012 4:41 pm
Location: Darkest Somerset, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Sun Jan 21, 2018 7:40 pm

Have you looked at the files directly on the Pi?

Who owns them and what permissions do they have when viewed from there?

Are they on an external drive?

If so how has it been formated?

And what mount options are you using (on the pi) for it? It is possible that while the mount point (the hd1 directory) is owned by the pi user, the fils within it and any sub folders are not.

Did you reboot/remount/restart nfs on both client and server after making changes?
Note to self: don't feed the trolls
If you believe "L'enfer, c'est les autres" (Hell is other people) have you considered that it may be of your own making?

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 5:00 am

thagrol wrote:
Sun Jan 21, 2018 7:40 pm
Have you looked at the files directly on the Pi?

Who owns them and what permissions do they have when viewed from there?

Are they on an external drive?

If so how has it been formated?

And what mount options are you using (on the pi) for it? It is possible that while the mount point (the hd1 directory) is owned by the pi user, the fils within it and any sub folders are not.

Did you reboot/remount/restart nfs on both client and server after making changes?
Everything in the raspberrypi is owned by the pi user (the folders and subfolders and files) the drive is formated as ext4

Anyway your comment about the external drive led me to do another test, i made a new export, this time it points to a folder inside the home directory of the pi(/home/pi/mnt/) and sure enough it mounted ith no problem in the client and could read the content so the problem is in mounting the (/media/pi/) folder, so i tried mounting one of the subfolders (/media/pi/hd1/) and it mounted successfully with the correct permissions and i could read the files, now i need to figure out why i can't mount (/medi/pi/) while i can mount (/media/pi/hd1/)! they are both owned by pi

User avatar
DougieLawson
Posts: 33815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 8:53 am

/media/pi (created by the GUI automounter) is owned by pi:pi.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

User avatar
thagrol
Posts: 858
Joined: Fri Jan 13, 2012 4:41 pm
Location: Darkest Somerset, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 1:21 pm

I don't know much about the gui automounter as I don't use it. All my linux boxes (inc several Pis are headless).

The next steps I'd take would be to compare permissions on the two mount points with and without the HDD mounted, and to compare mount options used by both methods of mounting it. (Hint: mount it one way, look at the output of "mount", mount it the other way and repeat)
Note to self: don't feed the trolls
If you believe "L'enfer, c'est les autres" (Hell is other people) have you considered that it may be of your own making?

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 2:21 pm

DougieLawson wrote:
Mon Jan 22, 2018 8:53 am
/media/pi (created by the GUI automounter) is owned by pi:pi.
Actually, i think it is created by udisks2

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 2:43 pm

thagrol wrote:
Mon Jan 22, 2018 1:21 pm
I don't know much about the gui automounter as I don't use it. All my linux boxes (inc several Pis are headless).

The next steps I'd take would be to compare permissions on the two mount points with and without the HDD mounted, and to compare mount options used by both methods of mounting it. (Hint: mount it one way, look at the output of "mount", mount it the other way and repeat)
I don't think the mounting options are the issue since I was able to add the mount point to the exportfs with the right permissions.
When I use udiskctl to mount the drive the options are the following

Code: Select all

/dev/sda2 on /media/pi/hd1 type ext4 (rw,nosuid,nodev,relatime,data=ordered,uhelper=udisks2)
when use mount to mount it:

Code: Select all

/dev/sda2 on /media/pi/hd1 type ext4 (rw,relatime,data=ordered)
In both cases i couldn't read the files on the client.

As I said I don't think the problem is the options but rather the parent folder(/media/pi)
so I did more tests

I mounted the drive on a folder that I created in the home directory

Code: Select all

sudo mount /dev/sda2 /home/pi/mnt
Then I added that folder to the exportfs and sure enough, i was able to read it from the client

I changed the permissions of the folder that I couldn't read to the same permissions of the folder that I could read

Code: Select all

sudo chmod --reference=/media/pi/hd1 /media/pi
but still i can't export /media/pi/

User avatar
pi-anazazi
Posts: 465
Joined: Fri Feb 13, 2015 9:22 pm
Location: EU

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 3:04 pm

It's not the mounting, but the directory you are mounting to. On my raspbian (stretch) folders in /media are owned by root. While folders in /home/pi are owned by (make an educated guess :-) )---
Kind regards

anazazi

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 3:18 pm

Ok I discovered something strange, whenever I add the mount point to the exportfs i can read it on the client but if I added the parent directory of the mount point I cant read the content on the client
This is what I did:
On the pi:
I created a directory and a test file inside it

Code: Select all

mkdir /home/pi/mnt
touch /media/pi/test
i mounted the drive to the directory

Code: Select all

sudo mount /dev/sda2 /home/pi/mnt
I added the directory and the parent directory to the exportfs

Code: Select all

/home/pi/ 192.168.88.0/24(rw,sync,no_subtree_check,no_root_squash)
/home/pi/mnt/ 192.168.88.0/24(rw,sync,no_subtree_check,no_root_squash)


on the client:

I created two folders

Code: Select all

 mkdir nfs2
 mkdir nfs1
I mounted each share to a directory

Code: Select all

 sudo mount -t nfs -o vers=3 192.168.88.251:/home/pi/ nfs1
 sudo mount -t nfs -o vers=3 192.168.88.251:/home/pi/mnt nfs2
here's where it gets strange
if i list the content of mount point i can read the content:

Code: Select all

ls -la nfs2
total 15660
drwxr-xr-x  34 pi       pi             4096 Jan 21 17:19  .
drwx------  45 mohammad mohammad       4096 Jan 22 18:14  ..
drwxr-xr-x   6 pi       pi             4096 Jan  9 09:21 '1 - 12 - 2017'
drwxr-xr-x   6 pi       pi             4096 Jan  9 09:47 '13 - 3 - 2016'
drwxr-xr-x  17 pi       pi             4096 Jan  9 09:29 '13 - 5 - 2016'
drwxr-xr-x  16 pi       pi             4096 Jan  9 09:44 '15 - 12 - 2015'
while listing the content of the mount point from the parent share I get the content of the directory before I mount it (the test file that I created):

Code: Select all

ls -la nfs1/mnt
total 12
drwxr-xr-x  2 pi pi 4096 Jan 22 18:00 .
drwxr-xr-x 48 pi pi 4096 Jan 22 18:12 ..
-rw-r--r--  1 pi pi   15 Jan 22 18:00 test
Last edited by moham_96 on Mon Jan 22, 2018 3:22 pm, edited 1 time in total.

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 3:20 pm

pi-anazazi wrote:
Mon Jan 22, 2018 3:04 pm
It's not the mounting, but the directory you are mounting to. On my raspbian (stretch) folders in /media are owned by root. While folders in /home/pi are owned by (make an educated guess :-) )---
I already changed the ownership of /media/pi to the pi user

Code: Select all

➜  ~ ls -la /media        
total 12
drwxr-xr-x  3 root root 4096 Nov 29 02:56 .
drwxr-xr-x 21 root root 4096 Jan 16 15:16 ..
drwxr-xr-x  3 pi   pi   4096 Jan 22 14:44 pi

User avatar
thagrol
Posts: 858
Joined: Fri Jan 13, 2012 4:41 pm
Location: Darkest Somerset, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 4:51 pm

So it you export the directory above the mount point you see the mount point but not the filesystem mounted on it.

I think that is expected behavious with nfs, default configuration doesn't allow clients to move across filesystems.

This excerpt from the man page for the exports file may help:
nohide

This option is based on the option of the same name provided in IRIX NFS. Normally, if a server exports two filesystems one of which is mounted on the other, then the client will have to mount both filesystems explicitly to get access to them. If it just mounts the parent, it will see an empty directory at the place where the other filesystem is mounted. That filesystem is "hidden".
Setting the nohide option on a filesystem causes it not to be hidden, and an appropriately authorised client will be able to move from the parent to that filesystem without noticing the change.

However, some NFS clients do not cope well with this situation as, for instance, it is then possible for two files in the one apparent filesystem to have the same inode number.

The nohide option is currently only effective on single host exports. It does not work reliably with netgroup, subnet, or wildcard exports.

This option can be very useful in some situations, but it should be used with due care, and only after confirming that the client system copes with the situation effectively.

The option can be explicitly disabled with hide.
crossmnt
This option is similar to nohide but it makes it possible for clients to move from the filesystem marked with crossmnt to exported filesystems mounted on it. Thus when a child filesystem "B" is mounted on a parent "A", setting crossmnt on "A" has the same effect as setting "nohide" on B.
Note to self: don't feed the trolls
If you believe "L'enfer, c'est les autres" (Hell is other people) have you considered that it may be of your own making?

User avatar
DougieLawson
Posts: 33815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 6:37 pm

moham_96 wrote:
Mon Jan 22, 2018 2:21 pm
DougieLawson wrote:
Mon Jan 22, 2018 8:53 am
/media/pi (created by the GUI automounter) is owned by pi:pi.
Actually, i think it is created by udisks2
What's udisk2 - never heard of that wee beastie. I find automounters are neither use nor ornament. It's a monster pain to find that device you've just inserted because it needs a forced fsck ends up mounted on some directory somewhere. I'd vote for "burn all automounters".
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

User avatar
pi-anazazi
Posts: 465
Joined: Fri Feb 13, 2015 9:22 pm
Location: EU

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 7:23 pm

https://wiki.archlinux.org/index.php/udisks


...on my pi's the /media/pi is owned by root:root...
Kind regards

anazazi

moham_96
Posts: 19
Joined: Sat Aug 12, 2017 5:02 pm

Re: raspberrypi nfs is mounted as root

Mon Jan 22, 2018 7:32 pm

thagrol wrote:
Mon Jan 22, 2018 4:51 pm
So it you export the directory above the mount point you see the mount point but not the filesystem mounted on it.

I think that is expected behavious with nfs, default configuration doesn't allow clients to move across filesystems.

This excerpt from the man page for the exports file may help:
nohide

This option is based on the option of the same name provided in IRIX NFS. Normally, if a server exports two filesystems one of which is mounted on the other, then the client will have to mount both filesystems explicitly to get access to them. If it just mounts the parent, it will see an empty directory at the place where the other filesystem is mounted. That filesystem is "hidden".
Setting the nohide option on a filesystem causes it not to be hidden, and an appropriately authorised client will be able to move from the parent to that filesystem without noticing the change.

However, some NFS clients do not cope well with this situation as, for instance, it is then possible for two files in the one apparent filesystem to have the same inode number.

The nohide option is currently only effective on single host exports. It does not work reliably with netgroup, subnet, or wildcard exports.

This option can be very useful in some situations, but it should be used with due care, and only after confirming that the client system copes with the situation effectively.

The option can be explicitly disabled with hide.
crossmnt
This option is similar to nohide but it makes it possible for clients to move from the filesystem marked with crossmnt to exported filesystems mounted on it. Thus when a child filesystem "B" is mounted on a parent "A", setting crossmnt on "A" has the same effect as setting "nohide" on B.
Yes, I added crossmnt to my exportfs file and the problem is solved.
thanks for everyone

Return to “Beginners”

Who is online

Users browsing this forum: Google [Bot] and 51 guests