# freebsd with NFSv4



## yhq_34 (Aug 14, 2020)

Hi guys;

I am trying to setup NFS share to another freebsd client. but I don't know why it always show 
	
	



```
kernel: mount_nfs: nmount: /data: Permission denied
```
if I use 
	
	



```
mount freebsd1:/data /data
```
 and it will show 
	
	



```
freebsd1:/data on /data (nfs)
```
 But I want nfsv4acls feature on. What't the problem?
server conf;
rc.conf

```
nfs_server_enable="YES"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
```
client conf;
rc.conf

```
zfs_enable="YES"
nfs_client_enable="YES"
nfs_client_flags="-n 4"
rpc_lockd_enable="YES"
rpc_statd_enable="YES"
```
fstab

```
freebsd16:/data3   /data3  nfs rw,bg,late,failok,nfsv4  0 0
```


----------



## mark_j (Aug 14, 2020)

What's your /etc/exports file look like?

Unfortunately, this is one area where the handbook is lacking information.


----------



## yhq_34 (Aug 14, 2020)

/etc/exports

```
V4: / -sec=sys:krb5:krb5i:krb5p
/data    -alldirs -maproot=root -network=192.168.0.0/24
```


----------



## mark_j (Aug 14, 2020)

And the ownership/permissions of /data is correct?
set sysctl vfs.nfsd.debuglevel on the server to something other than 0, restart nfsd and look in the logs. Does it give any other information?
Have you updated your /etc/krb5.keytab?

Edit: Look at this: https://wiki.freebsd.org/KerberizedNFS


----------



## yhq_34 (Aug 14, 2020)

The permission should change to root:wheel? Currently a user was it's owner.
I just want to setup ACLs, whatever v4 or v3.
When I use "setfacl -R -a 0 g:"Domain\Unix Admins":full_set:fd:allow /data" to change the nfs share it will show. Does this related to NFSv4?

```
acl_get_link_np() failed: Operation not supported
```


----------



## yhq_34 (Aug 14, 2020)

After I add "nfsuserd_enable="YES"" to the rc.conf. and It's mounted. but in the client why the permission was nobody? 

```
total 33
drwxr-xr-x   3 nobody  nogroup   3 Jul 29 14:30 nfsshare/
```


----------



## mark_j (Aug 15, 2020)

Are you using kerberos for authentication? If so then what have you done.
Your options for NFSv4 are to use *sys *security as the first instance. It will use that if it's available, which it is.

Your acl issue looks like the acl was not set when NFS wants to get it. Are you using a custom kernel without UFS_ACL? Are you using UFS or ZFS?

What does getfacl of the directory show?

I do recall NFS ACLs don't work/didn't work on FreeBSD's UFS. Perhaps someone else can clarify?


----------



## yhq_34 (Aug 15, 2020)

The client was using UFS, server was ZFS, after add 
	
	



```
nfsuserd_flags=" -manage-gids"
```
 to the rc.conf. now the permission seems OK.


----------

