search

kofemann / simple-nfs

dcache nfs server to export regular file system
Apache License 2.0
14 stars 14 forks source link

git clone on NFSv4 client fails with simple-nfs NFSv4 server #29

Open gisburn opened 5 months ago

gisburn commented 5 months ago

I cannot get $ git clone ... # to work with simple-nfs:

Example (same results with and without being "root"): ---- snip ----

git clone https://github.com/kofemann/simple-nfs.git
cd simple-nfs/
mvn package
find . -name \*.jar
printf "/ *(rw,insecure,all_squash,anonuid=%d,anongid=%d)\n" "$(id -u)" "$(id -g)" >exports
mkdir nfsroot
chmod a=u nfsroot
cat exports
(umask 0000 ; java -jar ./target/simple-nfs-1.0-SNAPSHOT-jar-with-dependencies.jar -root "$PWD/nfsroot" -port 30000 -nfsvers 4 -exports $PWD/exports)

---- snip ----

A git clone fails like this: ---- snip ----

$ git clone https://github.com/kofemann/ms-nfs41-client.git
Cloning into 'ms-nfs41-client'...
fatal: unable to access '/cygdrive/y/foo/ms-nfs41-client/.git/config': Permission denied

---- snip ----

The simple-nfs server prints this: ---- snip ----

2024-01-19 17:31:45.866 [wingrendel02.GLOBAL.LOC/10.49.20.23:49826] [nfs@30000 (8)] ERROR o.d.n.v.AbstractOperationExecutor - NFS server fault: op: READ : NFS4ERR_IO : IO not allowed
2024-01-19 17:31:45.917 [wingrendel02.GLOBAL.LOC/10.49.20.23:49826] [nfs@30000 (9)] ERROR o.d.n.v.AbstractOperationExecutor - NFS server fault: op: READ : NFS4ERR_IO : IO not allowed
2024-01-19 17:31:45.959 [wingrendel02.GLOBAL.LOC/10.49.20.23:49826] [nfs@30000 (10)] ERROR o.d.n.v.AbstractOperationExecutor - NFS server fault: op: READ : NFS4ERR_IO : IO not allowed
2024-01-19 17:31:46.000 [wingrendel02.GLOBAL.LOC/10.49.20.23:49826] [nfs@30000 (14)] WARN  o.d.s.LocalFileSystem - Unable to set mode of file /home/rmainz/work/nfs4j/simplenfs/simple-nfs/nfsroot/foo/ms-nfs41-client/.git/tCGHSBM: /home/rmainz/work/nfs4j/simplenfs/simple-nfs/nfsroot/foo/ms-nfs41-client/.git/tCGHSBM: Too many levels of symbolic links or unable to access attributes of symbolic link

---- snip ----

kofemann commented 5 months ago

Hi @gisburn,

on create, the NFS server changes the file owner to uid that have performed the RPC call. So, if you don't run NFS server as root, then uid of NFS server process should match uid in the RPC request. Du you use the same UID in both cases?

gisburn commented 5 months ago

all_squash,anonuid=%d,anongid=%d

Erm... does "simple-nfs" support the { all_squash,anonuid=... and anongid=... } export options (uid/gid values for anonuid/anongid match that of the user who launched java) ?

The way I try to use the NFSv4 server is that all new files are created for the anon user, regardless what the owner/owner_group say - so |setuid()|/|setgid()| or |chown()|/|chgrp()| should not be executed by the server...