For some reason the users that are part of a particular group (with that group have rwx on an NFS directory) cannot cd in to that directory. I am at a loss here, there has to be something I am missing. Both client and server are Debian 11 servers
On the NFS client here is the user/group info:
root@client:/# ls -lisa /media/
total 17
4 drwxr-xr-x 5 root root 4096 Apr 15 14:33 .
4 drwxr-xr-x 17 root root 4096 Aug 16 05:14 ..
4 drwxrwx--- 5 media media 4096 Sep 2 20:41 Download
root@client:/# ls -lisa /media/Download/
total 36
2 4 drwxrwx--- 6 media media 4096 Sep 3 09:05 .
783361 4 drwxr-xr-x 5 root root 4096 Sep 3 09:04 ..
11 16 drwxrwx--- 2 media media 16384 Apr 11 17:55 lost+found
11272193 4 drwxr-xr-x 2 media media 4096 Sep 3 09:05 testdir
12 0 -rw-r--r-- 1 media media 0 Sep 3 09:04 test.txt
root@client:/# id media
uid=1090(media) gid=1090(media) groups=1090(media)
root@client:/# id user
uid=1000(user) gid=1000(user) groups=1000(user),1090(media)
root@client:/# cat /etc/passwd | egrep "user|media"
user:x:1000:1000:user,,,:/home/user:/bin/bash
media:x:1090:1090::/home/media:/usr/sbin/nologin
root@client:/# mount
192.168.24.10:/media/Download on /media/Download type nfs4 (rw,relatime,vers=4.2,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=192.168.24.5,local_lock=none,addr=192.168.24.100)
user@client:~$ whoami | id
uid=1000(user) gid=1000(user) groups=1000(user),1090(media)
user@client:~$ ls -lisa /media/Download/
ls: cannot open directory '/media/Download/': Permission denied
Why is user denied from accessing the Download folder? They are part of the group media and the folder has rwx for the group. What is the problem here?
On the NFS server:
root@server:/# ls -lisa /media/
total 16
128771 4 drwxr-xr-x 4 root root 4096 Apr 15 04:32 .
2 4 drwxr-xr-x 18 root root 4096 Aug 16 08:12 ..
2 4 drwxrwx--- 6 media media 4096 Sep 3 08:05 Download
root@server:/# ls -lisa /media/Download/
total 36
2 4 drwxrwx--- 6 media media 4096 Sep 3 08:05 .
128771 4 drwxr-xr-x 4 root root 4096 Apr 15 04:32 ..
11 16 drwxrwx--- 2 media media 16384 Apr 11 16:55 lost+found
11272193 4 drwxr-xr-x 2 media media 4096 Sep 3 08:05 testdir
12 0 -rw-r--r-- 1 media media 0 Sep 3 08:04 test.txt
root@server:/# id media
uid=1090(media) gid=1090(media) groups=1090(media)
root@server:/# cat /etc/exports
/media/Download 192.168.24.5/32(rw,anonuid=1090,anongid=1090,no_subtree_check,root_squash)
root@server:/# cat /etc/passwd | grep media
media:x:1090:1090::/home/media:/usr/sbin/nologin
If I change the NFS server directory permissions to 777 then I can read and write into Download from the client. But obviously I rather be more restrictive and only let the allowed user read/write in that directory.
I have rebooted both the client and server several times, but the same permission denied occurs.
nfsidmap -d
report the same domain on both systems? Is the rpc.idmapd daemon running on the server, and did it report the same domain in syslog on startup? Does the usernameuser
exist on the server, and does it have the same UID as on the client?