Binding ports for NFS

redhatdude at bellsouth.net redhatdude at bellsouth.net
Sat Dec 17 05:50:57 UTC 2005 

Hi, it sort of worked. When I try to mount the nfs share from the mac  
I finally reach the daemons on the linux box.
My next problem is apparently with SELINUX.

This is the error I get in /var/log/messages:
rpc.mountd: can't stat exported dir /home/theuser/Desktop/SHARED/:  
Permission denied

These are the errors in /var/log/audit/audit.log:

type=AVC msg=audit(1134798282.051:85): avc:  denied  { dac_override }  
for  pid=3032 comm="rpc.mountd" capability=1  
scontext=root:system_r:nfsd_t tcontext=root:system_r:nfsd_t  
tclass=capability
type=AVC msg=audit(1134798282.051:85): avc:  denied   
{ dac_read_search } for  pid=3032 comm="rpc.mountd" capability=2  
scontext=root:system_r:nfsd_t tcontext=root:system_r:nfsd_t  
tclass=capability
type=SYSCALL msg=audit(1134798282.051:85): arch=40000003 syscall=196  
success=no exit=-13 a0=bf8933d7 a1=bf893328 a2=235ff4 a3=876e0f8  
items=1 pid=3032 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0  
egid=0 sgid=0 fsgid=0 comm="rpc.mountd" exe="/usr/sbin/rpc.mountd"
type=CWD msg=audit(1134798282.051:85):  cwd="/var/lib/nfs"
type=PATH msg=audit(1134798282.051:85): item=0 name="/home/theuser/ 
Desktop/SHARED" flags=0  inode=7274600 dev=fd:00 mode=040700 ouid=500  
ogid=500 rdev=00:00
type=AVC msg=audit(1134798282.199:86): avc:  denied  { dac_override }  
for  pid=3032 comm="rpc.mountd" capability=1  
scontext=root:system_r:nfsd_t tcontext=root:system_r:nfsd_t  
tclass=capability
type=AVC msg=audit(1134798282.199:86): avc:  denied   
{ dac_read_search } for  pid=3032 comm="rpc.mountd" capability=2  
scontext=root:system_r:nfsd_t tcontext=root:system_r:nfsd_t  
tclass=capability
type=SYSCALL msg=audit(1134798282.199:86): arch=40000003 syscall=195  
success=no exit=-13 a0=876e0e0 a1=bf893328 a2=235ff4 a3=bf893328  
items=1 pid=3032 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0  
egid=0 sgid=0 fsgid=0 comm="rpc.mountd" exe="/usr/sbin/rpc.mountd"
type=CWD msg=audit(1134798282.199:86):  cwd="/var/lib/nfs"
type=PATH msg=audit(1134798282.199:86): item=0 name="/home/theuser/ 
Desktop/SHARED/" flags=1  inode=7274600 dev=fd:00 mode=040700  
ouid=500 ogid=500 rdev=00:00

These are the permissions for the folder:
drwxrwxrwx  theuser      theuser       
user_u:object_r:user_home_t      SHARED

So now that I finally make it through the firewall, how can I get  
permission to mount the nfs share?

Thanks
EJ

On Dec 16, 2005, at 3:17 PM, Christopher K. Johnson wrote:

> redhatdude at bellsouth.net wrote:
>
>> Thanks to all of you who've taken the time to reply.
>> Unfortunately, I don't have an nfs configuration file inside /etc/ 
>> sysconfig/
>> Should I create it? What should I put in it? Just what I'm being  
>> told about the ports or something else besides that?
>> Thanks again,
>> EJ
>>
>>
>>> # Created 05.07.05 by Tony Molloy
>>> # based on work by Christopher K. Johnson ( dirigo.net )
>>>
>>> RPCNFSDCOUNT=32
>>>
>>> # ports for statd daemon
>>> STATD_PORT=4000
>>> STATD_OUTGOING_PORT=4004
>>>
>>> # ports for lockd daemon
>>> LOCKD_TCPPORT=4001
>>> LOCKD_UDPPORT=4001
>>>
>>> # ports for mountd daemon
>>> #MOUNTD_NFS_V2=no
>>> #MOUNTD_NFS_V3=no
>>> MOUNTD_PORT=4002
>>>
>>> # ports for rquota daemon
>>> #RQUOTAD=no
>>> RQUOTAD_PORT=4003
>>>
>>>
>>
> You do need to create /etc/sysconfig/nfs since there is not one  
> provided by default.  However the Fedora Core init scripts will  
> look for it and use it if provided.
> The contents should be the comments as you wish, and the variable  
> assignments for fixing ports as was emailed by someone earlier.   
> The init scripts source this file and then use the environment  
> variables set by it.
>
> -- 
>   "Spend less!  Do more!  Go Open Source..." -- Dirigo.net
>   Chris Johnson, RHCE #807000448202021
>
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

More information about the users mailing list