引用
$ sudo rsync -av --port=2008 hisdb02::mcdbra/archlog/orcl1/1_44792_698764072.dbf /tmp
receiving incremental file list
rsync: send_files failed to open "/archlog/orcl1/1_44792_698764072.dbf" (in mcdbra): Permission denied (13)
receiving incremental file list
rsync: send_files failed to open "/archlog/orcl1/1_44792_698764072.dbf" (in mcdbra): Permission denied (13)
日志显示生产机无法open归档日志1_44792_698764072.dbf,进一步检查得知该归档日志存放在nfs文件系统上。
引用
root@hisdb02:/var/adm#df
Filesystem 512-blocks Free %Used Iused %Iused Mounted on
/dev/hd4 2097152 1995896 5% 2323 2% /
/dev/hd2 6815744 3685120 46% 37222 9% /usr
/dev/hd9var 2097152 178200 92% 443 3% /var
/dev/hd3 33554432 29460648 13% 1390 1% /tmp
/dev/hd1 2097152 1626432 23% 488 1% /home
/proc - - - - - /proc
/dev/hd10opt 2097152 1917288 9% 2745 2% /opt
/dev/lvoracle 62914560 27519376 57% 76569 3% /oracle
/dev/fslv00 2086666240 748941176 65% 382 1% /rman
/dev/lvdbra 83886080 78608608 7% 25150 1% /dbra
/dev/lvarch 104857600 76068312 28% 370 1% /archlog/orcl2
hisdb01:/archlog/orcl1 167772160 130979864 22% 4995 1% /archlog/orcl1
Filesystem 512-blocks Free %Used Iused %Iused Mounted on
/dev/hd4 2097152 1995896 5% 2323 2% /
/dev/hd2 6815744 3685120 46% 37222 9% /usr
/dev/hd9var 2097152 178200 92% 443 3% /var
/dev/hd3 33554432 29460648 13% 1390 1% /tmp
/dev/hd1 2097152 1626432 23% 488 1% /home
/proc - - - - - /proc
/dev/hd10opt 2097152 1917288 9% 2745 2% /opt
/dev/lvoracle 62914560 27519376 57% 76569 3% /oracle
/dev/fslv00 2086666240 748941176 65% 382 1% /rman
/dev/lvdbra 83886080 78608608 7% 25150 1% /dbra
/dev/lvarch 104857600 76068312 28% 370 1% /archlog/orcl2
hisdb01:/archlog/orcl1 167772160 130979864 22% 4995 1% /archlog/orcl1
但是在hisdb02主机上对目录/archlog/orcl1有读写权限,但没有赋权或者更改文件属主的权限。
引用
root@hisdb02:/archlog/orcl1#chown oracle:dba lll
chown: lll: Operation not permitted.
chown: lll: Operation not permitted.
在hisdb02上检查/etc/filesystems配置文件,似乎也没有明显错误:
引用
/archlog/orcl1:
dev= "/archlog/orcl1"
vfs= nfs
nodename= hisdb01
mount= true
type= nfs
options= rw,bg,hard,intr,vers=3,rsize=32768,wsize=32768,timeo=600,proto=tcp,biods=32
account= false
dev= "/archlog/orcl1"
vfs= nfs
nodename= hisdb01
mount= true
type= nfs
options= rw,bg,hard,intr,vers=3,rsize=32768,wsize=32768,timeo=600,proto=tcp,biods=32
account= false
直觉告诉我,rsync出现这个错误,应该和nfs特定的权限有关,于是进一步在hisdb01上检查nfs配置文件/etc/exports,可以看到配置文件中并没有显示赋予root访问权限。
引用
root@hisdb01:/#cat /etc/exports
/archlog/orcl1 -rw,access=hisdb02
/archlog/orcl1 -rw,access=hisdb02
于是添加root显示访问权限
引用
root@hisdb01:/#cat /etc/exports
/archlog/orcl1 -rw,root=hisdb02,access=hisdb02
/archlog/orcl1 -rw,root=hisdb02,access=hisdb02
AIX对于选项的解释如下:
引用
rw = Client [:Client]
Exports the directory with read-write permission to the specified Clients. Exports the directory read-only to Clients not in the list. A read-write list cannot be specified if a read-only list has been specified.
access = Client[:Client,...]
Gives mount access to each Client listed. If not specified, any Client is allowed to mount the specified directory
root=Client[:Client]
Allows root access from the specified Clients. Clients not in the list are not allowed root access.
Exports the directory with read-write permission to the specified Clients. Exports the directory read-only to Clients not in the list. A read-write list cannot be specified if a read-only list has been specified.
access = Client[:Client,...]
Gives mount access to each Client listed. If not specified, any Client is allowed to mount the specified directory
root=Client[:Client]
Allows root access from the specified Clients. Clients not in the list are not allowed root access.
为保险起见在hisdb01重新exportfs -a,然后在hisdb02重新umount,mount nfs文件系统之后,问题解决。
附:
在aix上修改配置文件/etc/exports除了手工编辑之外,aix还提供smitty 接口用于修改
引用
root@hisdb01:/#smit chnfsexp
* Pathname of directory to export /archlog/orcl1
Anonymous UID [-2]
Public filesystem? [no] +
* Change export now, system restart or both both +
Pathname of alternate exports file []
Allow access by NFS versions []
External name of directory (NFS V4 access only) []
Referral locations (NFS V4 access only) []
Replica locations []
Ensure primary hostname in replica list yes +
Allow delegations? []
Security method 1 [sys,none] +
Mode to export directory [read-write] +
Hostname list. If exported read-mostly []
Hosts & netgroups allowed client access [hisdb02]
Hosts allowed root access [hisdb02]
Security method 2 [] +
Mode to export directory [] +
Hostname list. If exported read-mostly []
Hosts & netgroups allowed client access []
Hosts allowed root access []
Security method 3 [] +
Mode to export directory [] +
Hostname list. If exported read-mostly []
Hosts & netgroups allowed client access []
Hosts allowed root access []
Security method 4 [] +
Mode to export directory [] +
Hostname list. If exported read-mostly []
Hosts & netgroups allowed client access []
Hosts allowed root access []
* Pathname of directory to export /archlog/orcl1
Anonymous UID [-2]
Public filesystem? [no] +
* Change export now, system restart or both both +
Pathname of alternate exports file []
Allow access by NFS versions []
External name of directory (NFS V4 access only) []
Referral locations (NFS V4 access only) []
Replica locations []
Ensure primary hostname in replica list yes +
Allow delegations? []
Security method 1 [sys,none] +
Mode to export directory [read-write] +
Hostname list. If exported read-mostly []
Hosts & netgroups allowed client access [hisdb02]
Hosts allowed root access [hisdb02]
Security method 2 [] +
Mode to export directory [] +
Hostname list. If exported read-mostly []
Hosts & netgroups allowed client access []
Hosts allowed root access []
Security method 3 [] +
Mode to export directory [] +
Hostname list. If exported read-mostly []
Hosts & netgroups allowed client access []
Hosts allowed root access []
Security method 4 [] +
Mode to export directory [] +
Hostname list. If exported read-mostly []
Hosts & netgroups allowed client access []
Hosts allowed root access []
或者通过chnfsexp命令进行修改
引用
/usr/sbin/chnfsexp -d '/archlog/orcl1' '-B' -S 'sys,none' -t 'rw' -c 'hisdb02' -r 'hisdb02'