sjiveson
Edit existing file, but cannot create (continued)
@sjiveson I am running into this same issue and attempting to resolve based on your comments on Jan 29 on #7 / #17 . Unfortunately, I am not very experienced with NFS, so I do not completely follow this advice. What should I change? Should I just remove the no_root_squash option or replace it with something?
The no_root_squash option is entirely different and changes to -mapall=. Would you be able to try building the container from scratch after changing this in the nfs-server-alpine/confd/tmpl/exports.tmpl file?
FWIW, this error has popped up between docker containers (client / server as separate containers) on my Mac host using the same UIDs, as well as with Mac as the client. Editing files and reading files works fine, but creating fails at the following line (in an strace):
openat(AT_FDCWD, "/mnt/tmp/blah.txt", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1 EIO (Input/output error)
Hooray! Removing the no_root_squash option fixed things! Now files get mounted with owner/group nobody/nobody, but that's resolved easy enough with chown -R root:root .... workable, at least! :smile: I will poke a bit at this mapall shenanigans and see if I can make that clean things up a little.
EDIT: No luck so far. Just creating a bunch of permission errors for myself. Probably a function of having no idea what I'm doing.
I wonder if all_squash,anonuid=NNN,anongid=NNN may help here as this will make all requests appear to come from user NNN. If the source user is root, perhaps root_squash,anonuid=NNN,anongid=NNN.
I just run into this (macos server, linux client) and tested a bunch of combination of different no_root_squash, all_squash, anonuid,anongid combos... I can delete and modify existing files in the share, but attempting to create a new file results in a Input/output error. If someone has any clue I'd be happy to test different config parameters.
In case it is helpful, these are the options I ended up using. I am sharing from mac to mac and haven't tried from mac to linux, but this works for me:
rw,async,fsid=0,no_subtree_check,no_auth_nlm,insecure,crossmnt
I set these based on my PR in #23. Worth noting that I believe no_root_squash is not supported on Mac OSX. I forget where I learned that 🤷♂ As a result, keep in mind that the root user does not have super powers. In fact, it has the nobody powers of the least privileged user on the system. It is best to try writing as a different user.
Also be sure to set --privileged or privileged: true
I'm trying to override the NFS option and remove the no_root_squash option by using
-e SET_OPTS=rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure or
-e NFS_OPTS=rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure
when starting the container but, when I check with docker logs nfs, I still have the default options:
Displaying /etc/exports contents: /nfsshare *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)
--> I'm not really an expert but can someone tell me how to alter the nfs mount options?
Fixed as described in #23 with fork https://github.com/kvalev/nfs-server-alpine
docker run -d --name nfs --privileged -p 2049:2049 -e "PERMITTED=*" -e "NFS_OPTS=rw,async,fsid=0,no_subtree_check,no_auth_nlm,insecure" ....
I'm trying to override the NFS option and remove the no_root_squash option by using
-e SET_OPTS=rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure or -e NFS_OPTS=rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure
when starting the container but, when I check with docker logs nfs, I still have the default options:
Displaying /etc/exports contents: /nfsshare *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)
--> I'm not really an expert but can someone tell me how to alter the nfs mount options?