Authenticated NFS Shares

J

Jon Irish

New Member
Aug 1, 2018
12
0
1
58
I have setup a folder on my Synology NAS to backup my ProxMox server to. I enabled NFS on the synology and created a pve user account with rights to the folder. When I try to add the NFS share to Storage, under Datacenter, i don't see an option to list a username and password for authentication. Thus, when I try to connect, I get this error:

create storage failed: error with cfs lock 'file-storage_cfg': mount error: mount.nfs: access denied by server while mounting 192.168.100.37:/volume1/PVE (500)

Obviously, I am doing something wrong. Any help would be appreciated.

Thanks,
Jon
 
normally nfs does not have a user authentication (this is normally done with kerberos and tickets, but the last time i tried it it was a pita)
did you configure the ip address of the pve server to the allowed hosts of the nfs share?
 
dcsapak said:
normally nfs does not have a user authentication (this is normally done with kerberos and tickets, but the last time i tried it it was a pita)
did you configure the ip address of the pve server to the allowed hosts of the nfs share?
Click to expand...

I have never used NFS shares before, so I am probably doing this wrong ;-) I have attached a screen-shot from the Synology box, that shows the NFS configuration. The PVE server address is: 192.168.2.6 (I don't mind posting private IP addresses). NFS security is set to "Auth_Sys". Other options are: Kerberose authentication, Kerberose integrity, and Kerberose privacy. Not really sure where the hangup is.

Thanks,
Jon
Capture.PNG
 
You may need to allow connections from non-privileged ports too.

If AUTH_SYS security flavor is implemented: The client must have exactly the same numerical UID (user identifier) and GID (group identifier) on the NFS client and Synology NAS, or else the client will be assigned the permissions of others when accessing the shared folder. To avoid any permissions conflicts, you can select Map all users to admin from Squash or give "Everyone" permissions to the shared folder.
Click to expand...
https://www.synology.com/en-global/knowledgebase/DSM/help/DSM/AdminCenter/file_share_privilege_nfs
 
hec said:
Do you have routed NFS?

Do you see anything in the log files on the NAS?
Click to expand...

I'm afraid that I don't know what you mean by "routed NFS" (I have never used NFS before). Also, unfortunately, the Synology logs are not much help. All I see related to NFS is when the NFS service starts and stops. I am not seeing any NFS authentication logs. I'll have to dig a little deeper into DSM and see if I can get it to produce more detailed logs.
 
So I have fixed this issue. I opened a ticket with Synology and they pulled the system logs from the NAS. This was self inflicted. Right now I have my ProxMox server hanging off of my iMac (makes it easier to configure it that way. It will get it's own direct connection when I am done setting it up). Anyway, when the NAS saw the NFS connection attempts, it was seeing the source IP as the Mac's since the Mac was relaying the traffic (duh). I went ahead and added the Mac's IP into the NFS permissions, and now all is well.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom