Error: "Permission Denied", when copying or moving a file to NetWare NFS export.
(Last modified: 10Feb2003)
This document (10073589) is provided subject to the disclaimer at the end of this document.
fact
Novell NetWare 5.1 Support Pack 4 (NW51SP4.EXE)
Novell NetWare 6.0 Support Pack 2
Novell Native File Access Protocols
Novell Native File Access Pack 1.0 Support Pack 1 (NFAP1SP1.EXE)
Novell Native File Access for UNIX (NFAU)
Novell NetWare NFS Services 3.0 Support Pack 3a (NFS30SP3A.EXE)
NFSSERV.NLM version 15.02z December 10, 2001
NFSSERV.NLM version 15.15g February 22, 2002
Hewlett Packard HP-UX all versions
RFC1813 - NFS Version 3 Protocol Specification
RFC1094 - NFS: Network File System Protocol Specification
symptom
Error: "Permission Denied", when copying or moving a file to NetWare NFS export.
Error: "cp: Bad copy to [/<mount point>][/<directory>/]<target file>. Write permission denied."
None of the users, except user 'root', can copy (cp) or move (mv) files to an exported NetWare volume.
cause
When copying or moving a file to a remote NFS file system with the NFS version 3 protocol, the HP-UX NFS client first checks the path configuration of the target directory with the NFS PATHCONF request (NFS 3 procedure 20: Retrieve POSIX information).
Next, it checks for the existence of the target file in the target directory with the NFS LOOKUP request (NFS 3 procedure 3: Lookup filename).
Then, it requests the remote NFS server to create the target file in the target directory with the NFS CREATE (NFS 3 procdure 8: Create a file). With the NFS CREATE request, a NFS client can request the server to create the file with specific file attributes. One of these file attributes is the file mode. The file mode attribute keeps information about the file permissions. With the NFS CREATE request that the HP-UX NFS client generates on behalve of the copy or move command, it instructs the remote NFS server to create the file with the permissions set to 000, that is, noone has permission to read, write or execute the file, regardless the umask of the operating user.
Once the remote NFS server has replied that it successfully created the target file, the HP-UX NFS client requests the remote NFS server to write the file data to the target file with NFS WRITE requests (NFS 3 procedure 7: Write to file). Because the permissions on the target file are set to 000, noone, not even the owner of the file, is allowed to write to the file and the NetWare NFS server replies with NFS Error Number 13 (NFS3ERR_ACCES), indicating that permission is denied.
However, the third paragraph of section 4.4 "Permission issues" on page 98 of RFC1813 reads: "Another problem arises due to the usually stateful open operation. Most operating systems check permission at open time, and then check that the file is open on each read and write request. With stateless servers, the server cannot detect that the file is open and must do permission checking on each read and write call. UNIX client semantics of access permission checking on open can be provided with the ACCESS procedure call in this revision, which allows a client to explicitly check access permissions without resorting to trying the operation. On a local file system, a user can open a file and then change the permissions so that no one is allowed to touch it, but will still be able to write to the file because it is open. On a remote file system, by contrast, the write would fail. To get around this problem, the server's permission checking algorithm should allow the owner of a file to access it regardless of the permission setting. This is needed in a practical NFS version 3 protocol server implementation, but it does depart from correct local file system semantics. This should not affect the return result of access permissions as returned by the ACCESS procedure, however."
Since the owner/UID of the target file is equal to the UID in the Remote Procedure Call of the WRITE requests, the NetWare NFS Server should allow the WRITE request from the file owner, regardless the file permissions.
fix
Submitted a defect report to engineering.
Fixed with NetWare NFS Services 3.0 Support Pack version 4 (NFS30SP4.EXE).
note
This problem happens with both, the NFS version 2 and the NFS version 3 protocol.
document
| Document Title: | Error: "Permission Denied", when copying or moving a file to NetWare NFS export. |
| Document ID: | 10073589 |
| Solution ID: | NOVL81668 |
| Creation Date: | 15Aug2002 |
| Modified Date: | 10Feb2003 |
| Novell Product Class: | Connectivity Products NetWare |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.