AIX 7.1 Configure NFS Notes

Keywords: Linux Permission denied iptables SELinux

Server AIX 7.1, address: 10.72.254.101
Client Redhat6 address: 10.72.254.198

Firstly, confirm that nfs service is running normally. (Services for nfs under Aix: portmap, nfsd, biod, rpc.lockd, rpc.statd, rpc.mountd)

lssrc -s portmap    # View portmap services
lssrc -g nfs        # View NFS services
mknfs -N        # Start nfs service
startsrc -g nfs     # Start nfs service
smit mknfs      # Start nfs service
rmnfs           # Close nfs
smit rmnfs      # Stop nfs service 

2 Configuration/etc/exports file
Smitty NFS ==> Add Directory... ==> Add paths and compute names or IP.

cat /etc/exports  # It is shown as follows:
/bak -sec=sys:krb5p:krb5i:krb5:dh,rw=10.72.254.198,access=10.72.254.198,root=10.72.254.198
exportfs -a    # exports to xtab, rpc.mountd reads the / etc/xtab file

After the above steps, showmount-e 10.72.254.101 can be displayed to the client.

3 Client Configuration
Mount-t NFS 10.72.254.101:/bak/mnt displays Remote server I/O error. After checking, it is due to the problem of NFS version used by Linux and Aix, the specified version can be used.

mount -t nfs -o vers=3 -v 10.72.254.101:/bak /mnt 
It is shown as follows:
mount.nfs: timeout set for Wed Feb 15 15:11:13 2017
mount.nfs: trying text-based options 'vers=3,addr=10.72.254.31'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 10.72.254.31 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying 10.72.254.31 prog 100005 vers 3 prot UDP port 62082
mount.nfs: mount(2): Permission denied
mount.nfs: access denied by server while mounting 10.72.254.31:/bak

baidu has not been able to get an effective solution for a long time by displaying that the client is rejected through UDP connection. There is no problem in setting permissions. Try tcp connection.

mount -t nfs -v -o vers=3 -o proto=tcp 10.72.254.31:/bak /mnt  #It is shown as follows:
##
mount.nfs: timeout set for Wed Feb 15 15:24:09 2017
mount.nfs: trying text-based options 'vers=3,proto=tcp,addr=10.72.254.31'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 10.72.254.31 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=6
mount.nfs: trying 10.72.254.31 prog 100005 vers 3 prot TCP port 57476
mount.nfs: mount(2): Permission denied
mount.nfs: access denied by server while mounting 10.72.254.31:/bak

The same display indicates that it has nothing to do with the protocol.

http://blog.chinaunix.net/uid-20554957-id-3444786.html His question gives me some inspiration, but the configuration of AIX is different, without these options, the port problem here is not suitable for this situation.
setenforce shuts down SELinux, and / etc/init.d/iptables stop stops iptables... Wait a minute, there's no improvement.

google did not find a suitable solution, but also saw some better solutions to different problems.
http://www.linuxquestions.org/questions/linux-server-73/nfs-access-denied-by-server-while-mounting-934161/

This is some mount error messages in IBM's official documentation
https://www.ibm.com/support/knowledgecenter/en/ssw_aix_71/com.ibm.aix.networkcomm/nfs_mountmessages.htm

In the middle of this, you are prompted to configure / etc/hosts on the server side many times, so you can add the hostname of the client side to ensure that ping hostname can be passed. OK, mount again.

The server/etc/hosts configuration is as follows:

127.0.0.1               loopback localhost      # loopback (lo0) name/address
10.72.254.31    test-app
10.72.254.198   dzqz

Client/etc/hosts configuration:

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.72.254.31    test-app

The most commonly used is hostname mount.

Mount-t nfs-o vers = 3 test-app:/bak/mnt is all right.

aix official documents: https://www.ibm.com/support/knowledgecenter/ssw_aix_71/com.ibm.aix.networkcomm/nfs_intro.htm

NFS commands :

Item    Description
chnfs   Starts a specified number of biod and nfsd daemons.
chnfsdom    Changes the local NFS domain.
chnfsim Changes NFS foreign identity mappings.
chnfssec    Changes the default security flavor used by the NFS client
chnfsrtd    Changes the local NFS realm-to-domain mappings.
mknfs   Configures the system to run NFS and starts NFS daemons.
nfso    Configures NFS network options.
automount   Mounts an NFS file system automatically.
chnfsexp    Changes the attributes of an NFS-exported directory.
chnfsmnt    Changes the attributes of an NFS-mounted directory.
exportfs    Exports and unexports directories to NFS clients.
lsnfsexp    Displays the characteristics of directories that are exported with NFS.
lsnfsmnt    Displays the characteristics of mounted NFS systems.
mknfsexp    Exports a directory using NFS.
mknfsmnt    Mounts a directory using NFS.
nfshostkey  Configure the host key for an NFS server.
nfs4cl  Displays information about filesystems a client is accessing using NFS version 4.
nfs4smctl   Administers revocation of NFS version 4 State
rmnfs   Stops the NFS daemons.
rmnfsexp    Removes NFS-exported directories from a server's list of exports.
rmnfsmnt    Removes NFS-mounted file systems from a client's list of mounts.

The detours we have made are mainly due to the lack of careful review of documents in the early stage. Many documents mention configuration / etc/hosts in the foregoing. But Linux can be used directly without configuration, but Aix must be configured.

Posted by gtibok on Fri, 29 Mar 2019 05:36:30 -0700