跳转到主内容

打开目录时、超级用户的NFSv4权限被拒绝

Views:
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用场景

  • ONTAP 9
  • NFSv4
  • 导出策略规则

问题描述

  • 无法以超级用户身份访问目录、即使在导出策略规则中设置了访问权限:
 Cluster::*> export-policy rule show -client client1 -instance Vserver: svm1 Policy Name: policy1 Rule Index: 135 Access Protocol: any List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: client1 RO Access Rule: any RW Access Rule: none User ID To Which Anonymous Users Are Mapped: 0 Superuser Security Types: any Honor SetUID Bits in SETATTR: true Allow Creation of Devices: true NTFS Unix Security Options: fail Vserver NTFS Unix Security Options: use_export_policy Change Ownership Mode: restricted Vserver Change Ownership Mode: use_export_policy Policy ID: 133143986179
  • 访问目录时、系统会触发"权限被拒绝"错误:
 vserver1:~ # mount /directory1 vserver1:~ # cd /vol1/dir1/dir2/dir3_old Vserver1:/vol1/dir1/dir2/dir3_old # ll total 8 drwxr-xr-x 2 root root 4096 Jun 15 2018 dir2 drwxr-x--- 13 root root 4096 Oct 5 2016 dir3 vserver1:/vserver/vol1/dir1 # cd dir2/ vserver1:/vserver/vol1/dir2 # cd .. vserver1:/vserver/vol1/dir2 # cd dir3/ -bash: cd: dir3/: Permission denied
  • 匿名用户设置为默认值:
 Cluster::*> name-service unix-user show -vserver Svm1 (vserver services name-service unix-user show) User User Group Full Vserver Name ID ID Name -------------- --------------- ------ ------ -------------------------------- Svm1 nobody 65535 65535 Svm1 pcuser 65534 65534 Svm1 root 0 1 3 entries were displayed.

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.