Cannot write to NFS Share with standard user

I’d like to make a folder (and its subfolders) on an USB drive connected to one SBC accessible to to a docker application on another SBC in my LAN. I’m trying to use NFS for this.
Here some details on the setup:

NFS Server: BananaPro with Debian Buster (Armbian)

$ uname -a
Linux bananapipro 5.15.89-sunxi #22.11.4 SMP Mon Jan 23 21:58:30 UTC 2023 armv7l GNU/Linux
$ ip -br a | grep eth0
eth0             UP    2003:cd:e70d:6f00:5153:c320:49c0:1b4d/64 fe80::f540:daa1:d572:389/64

The NFS exports configuration:

$ sudo cat /etc/exports

NFS Client: Odroid N2 with Debian Bullseye (DietPi v8.14.2)

$ uname -a
Linux OdroidN2 6.1.7-meson64 #22.11.4 SMP PREEMPT Mon Jan 23 21:25:00 UTC 2023 aarch64 GNU/Linux
$ ip -br a | grep eth0
eth0             UP    2003:cd:e70d:6f00:21e:6ff:fe42:3d4f/64 fe80::21e:6ff:fe42:3d4f/64

Problem description

On the NFS client I was not able to mount the NFS share with DietPi Drive Manager (runs into a timeout after 90 seconds). Not sure if this is related to my issue, but just mentioning it here.
But I was able to mount the NFS share on the client using CLI:

maddin@OdroidN2:~$ sudo mount /mnt/nfs

And it seems that the mounting has worked:

maddin@OdroidN2:~$ df -h
Filesystem                                  Size  Used Avail Use% Mounted on
udev                                        1.8G     0  1.8G   0% /dev
tmpfs                                       379M   26M  354M   7% /run
/dev/mmcblk1p1                               15G  6.1G  7.7G  44% /
tmpfs                                       1.9G     0  1.9G   0% /dev/shm
tmpfs                                       5.0M     0  5.0M   0% /run/lock
tmpfs                                       1.9G     0  1.9G   0% /tmp
tmpfs                                        50M   56K   50M   1% /var/log  1.8T   46G  1.7T   3% /mnt/nfs

The problem now is, that the folders inside the mounted share belong to root:

maddin@OdroidN2:/mnt/nfs$ ls -lan
total 16
drwxr-xr-x 4 0 0 4096 Feb 22 20:17 .
drwxr-xr-x 7 0 0 4096 Feb 22 21:44 ..
drwxr-xr-x 2 0 0 4096 Feb 22 20:17 complete
drwxr-xr-x 2 0 0 4096 Feb 22 20:17 incomplete

Hence, I’m also not able to create files there as user “maddin”:

maddin@OdroidN2:/mnt/nfs$ touch complete/test
touch: cannot touch 'complete/test': Permission denied

And I’m also not able to change the ownership with sudo:

maddin@OdroidN2:/mnt/nfs$ sudo chown -R maddin:maddin complete
chown: changing ownership of 'complete': Operation not permitted

So, my question is, what do I have to change on NFS server and/or client side to have read and write rights for /mnt/nfs for the standard user (and non-priviliged docker containers)? Sorry, if I’ve missed something very obvious - I’m quite a noob regarding NFS. :wink:

try to set no_root_squash option within your export configuration to allow non root user access.

Ok, thanks for the hint. I’ve changed now /etc/exports on the NFS server to this:


Afterwards I have enabled the changes with sudo exportfs -a and restarted the NFS service with sudo systemctl restart nfs-kernel-server.service.

On the NFS client, I’ve mounted the share again, but the problem remains unchanged. Any other ideas? :thinking:

EDIT: I forgot to try that first, but Indeed I can now chown the directory /mnt/nfs to my standard user “maddin”:

maddin@OdroidN2:/mnt$ sudo chown -R maddin:maddin nfs
maddin@OdroidN2:/mnt$ ls -l
total 20
drwxr-xr-x 3 root   root   4096 Dec 28 15:04 dietpi-backup
drwxrwxr-x 7 dietpi dietpi 4096 Jan  8 15:54 dietpi_userdata
drwxrwxr-x 2 dietpi dietpi 4096 Nov 20 22:12 ftp_client
drwxr-xr-x 4 maddin maddin 4096 Feb 22 20:17 nfs
drwxrwxr-x 2 dietpi dietpi 4096 Nov 20 22:13 samba

And now I can write in that directory, of course. Hooray! :smiley:
After umount the ownership of /mnt/nfs jumps back to root, but if I mount the NFS share tagain, it’s owned by “maddin” again. So problem seems to be solved. Thanks a lot! :+1:

1 Like