NFS is sharing even if disabled

P

Pheggas

Cadet
Joined
Dec 29, 2021
Messages
7
Hello. So i set up users, datasets, and now i'm setting up SMB and NFS share. With SMB isn't any problem. But the whole NFS system makes me crazy. I started by heading to Sharing -> NFS -> Add -> selecting path and checking "All dirs" so that all subdirs will be accessible. After creating this NFS share i head into Services and turn on NFS server. Now i wanted to connect to NFS share inside my Windows Server VM through the Veeam's Backup Repository but i can't. It's throwing error "No write access to destination" which is weird as i didn't check "Read Only" in NFS share.

I checked the accessibility by mounting that path with NFS via Ubuntu Server i have (used sudo mount -t nfs 192.168.1.72:/mnt/path/to/folder /mnt/NAS). It worked but i noticed i wrote the folder above selected folder in NFS share inside TrueNAS. I thought how it is possible to access the folder above the selected one in TrueNAS? So i disabled that NFS share but keep NFS server turned on. Guess what, the mounted path still worked and was still accessible. This means i don't need any NFS shares to basically share my whole dataset (and possibly other datasets too)?

Am i missing something or is this a really big security flaw?

TL;DR: Noticed that whole dataset is still accessible after disabling NFS share but keeping NFS server turned on inside TrueNAS.
 
V

Volts

Patron
Joined
May 3, 2021
Messages
210
Pheggas said:
checking "All dirs" so that all subdirs will be accessible
Click to expand...

-alldirs doesn't make subdirs "accessible". For NFSv3 it allows subdirs to be mount points - it's similar to creating a share for every single subdirectory.

(It's also implied/unnecessary with NFSv4. Subdirs can always be mounted with NFSv4.)

Pheggas said:
Noticed that whole dataset is still accessible after disabling NFS share but keeping NFS server turned on inside TrueNAS.
Click to expand...

Do those pools have the sharenfs ZFS property set?

From the shell:
cat /etc/zfs/exports
zfs get sharenfs pool/dataset
 
P

Pheggas

Cadet
Joined
Dec 29, 2021
Messages
7
Volts said:
-alldirs doesn't make subdirs "accessible". For NFSv3 it allows subdirs to be mount points - it's similar to creating a share for every single subdirectory.

(It's also implied/unnecessary with NFSv4. Subdirs can always be mounted with NFSv4.)



Do those pools have the sharenfs ZFS property set?

From the shell:
cat /etc/zfs/exports
zfs get sharenfs pool/dataset
Click to expand...
I'm really sorry but i already did some tinkering during the day and now i'm fully switched to only SMB (yes, i had SMB and NFS shares to the same dataset which is wrong and i already realised it). After all, i still don't understand why it was accessible. Thank you for responding to my post anyway. I really appreciate it!
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "NFS is sharing even if disabled"

Similar threads

luk
NFS help with user permissions
Replies
0
Views
1K
luk
luk
L
Contents of NFS Share not visible on Ubuntu 20.04 client
Replies
2
Views
1K
lukazy88
L
jahmed
trying to authenticate NFS with Active Directory Login
Replies
0
Views
1K
jahmed
jahmed
T
SOLVED portainer container data migration to nfs share while maintaining ownership & permissions
Replies
2
Views
2K
theomolenaar
T
I
SOLVED Mount NFS in TrueNAS stopped working
Replies
1
Views
2K
Itay1778
I
Top