mount.nfs: access denied by server while mounting

Question

On my Ubuntu system, I have this line in /etc/fstab:

myserver:/home/me /mnt/me nfs rsize=8192,wsize=8192,timeo=14,intr

When I do

sudo mount -a

I get:

mount.nfs: access denied by server while mounting myserver:/home/me

How can I diagnose this problem? The nfs server is also Ubuntu.

Additional details: I am able to mount this nfs share from other Ubuntu clients on the same network with no problem. However, the problematic client is different in that it is running inside VirtualBox on a Windows system. I can ping "myserver" fine from the problematic client.

EDIT: /etc/exports on "myserver":

/home/me *(rw,all_squash,async,no_subtree_check,anonuid=1000,anongid=1000)

/etc/hosts.allow and /etc/hosts.deny on "myserver" are both all comments. And keep in mind, that I can connect fine from other clients on the same network.

have you tried tailing the log files on the remote ubuntu nfs server? See if an attempt is being made to nfs mount from the virtual machine on the windows box. — Patrick R, Jan 29 '10 at 14:47

score 35 · Accepted Answer · answered Jan 31 '10 at 02:03

35

Found it!

One of the logs had the line:

refused mount request from 192.168.1.108 for /home/me (/home/me): illegal port 64112

I googled and found that since the port is over 1024 I needed to add the "insecure" option to the relevant line in /etc/exports on the server. Once I did that (and ran exportfs -r), the mount -a on the client worked.

answered Jan 31 '10 at 02:03

JoelFan

2,165
5
24
30

5

While that works, now any non-root user can pretend to be a new instance of NFS and have access to all your files. Does anyone know if theres a way to just get the nfs client to stop using these high port numbers? – semi Mar 05 '11 at 01:10
Thanks so much for this, saved my ass. Was ready to give up after HOURS of googling. I didn't see it in the logs because I was grepping for "nfs", but this is actually logged my "mountd". – Cory J Aug 02 '11 at 05:47
1

@Cory J, thanks for taking the time to let me know it helped! Your comment made me take another look at this question and I see it has over 12K views! So probably it helped other people to but you are the only one that said "thanks"! :) – JoelFan Aug 02 '11 at 14:50
1

For future visitors: 1) The `illegal port 64112` message can be found on NFS server `/var/log/messages` 2) The `insecure` is added like `/path IP(rw,no_root_squash,no_all_squash,sync,insecure)`. – dibery Jan 22 '21 at 06:40
Saved me. My setup: Server in Ubuntu20.04 with static ip inside a virtual box with bridged net running on a Win10 Pro host machine. Client in Ubuntu20.04 running in a docker container with `--privileged` on top of a WSL2-based Ubuntu20.04 on the very same Win10 Pro host machine. Adding the `insecure` allowed the docker container mount the virtual box server. Thanks! Struggling for 48h now. Resolved! – Xavi Montero Apr 26 '21 at 18:27

score 16 · Answer 2 · answered Aug 15 '12 at 09:50

This question is related on how the network is set for your vm.

By default with VirtualBox, you have NAT network. Which result in port translation.

Step by step this gives :

The NFS client is using a reserved port (<1024 ... that can only be opened by root -> secured)
Virtualbox does the port translation (NAT) -> client port is now greater than 1024
The NFS server refuses the connection for that insecure port.

As mentioned by @JoelFan, one fix would be to set the insecure option to the server. This is a quick fix but ... insecure ;)

What fixed the case for me (in a secured manner) was to change from NAT to Bridge network for this vm. This way, my vm has it's own IP address and no port translation is done.

score 3 · Answer 3 · answered Mar 10 '12 at 06:02

3

Guess what... for me, the source of exactly the same error was a version mismatch between my NFS client and the server.

The logs were silent as if nothing happened, and only nfswatch running on the server side helped me clarify the situation.

The problem was resolved by adding the nfsver mount option on the client side:

server:/path   /mount/point   nfs   nfsvers=3   0 0

answered Mar 10 '12 at 06:02

revl

31
1

This was also my problem. Debian 6 (Squeeze) with `mount` package v2.17.2-9 installed. Solution worked. – Alastair Irvine Jul 25 '14 at 08:58

score 1 · Answer 4 · answered Jan 29 '10 at 15:40

1

Have you verified that the name resolution is correct on the server for the client that is trying to connect (and is listed in the exports file)?

answered Jan 29 '10 at 15:40

Matt Simmons

20,218
10
67
114

see my edits in the question... I am allowing all – JoelFan Jan 29 '10 at 15:56

score 0 · Answer 5 · answered Jan 29 '10 at 15:31

0

check the files hosts.allow and hosts.deny and whether the client is entered correctly. when this does not help, please post your export file.

answered Jan 29 '10 at 15:31

Christian

4,645
2
23
27

see my edits in the question – JoelFan Jan 29 '10 at 15:59

score 0 · Answer 6 · answered Mar 30 '13 at 23:52

In case this helps other people, I have a Synology NAS and the NFS point actually added another item to the path.

I was trying to mount "xxx.xxx.xxx.xxx/folder" as this is what I do in Windows. But for Ubuntu with NFS I had to use "xxx.xxx.xxx.xxx/volume1/folder".

mount.nfs: access denied by server while mounting

6 Answers6