@momofhlp I suspect it is a UID/GID mapping or permissions problem.
Mount the share manually no-root-squash. run a backup on that share. see what UID/GID xo expects you to use. Then set up an nfsshare for only that matching UID/GID and all should be good.
it is easiest to set it up wrong security wise with NFSv3 but easiest to make it work. Once it works, go back and switch to nfs4.1. read and weep. https://www.truenas.com/community/threads/nfs-sys-security-option.86501/
old nfs (v3) has little or no security. nfs4,1 has SYS for slightly better security. NFS4.2 + kerb5 has best security but a learning curve like:
|
|
|
|
only much much steeper. a better nfs security solution is nfs via stunnel
see:
- https://www.linuxjournal.com/content/encrypting-nfsv4-stunnel-tls
- https://bobcares.com/blog/nfsv4-encryption-with-stunnel-tls/
- historical: https://www.stunnel.org/mailman3/hyperkitty/list/stunnel-users@stunnel.org/thread/7FVHLCPSDHL2S6KQ7DBN24HLPSX4SHWV/
- other implementation details https://github.com/chadgeary/tls_nfs/tree/master/playbook
- another imp. https://forge.puppet.com/modules/simp/nfs/readme
I should turn this info into a package for xcp-ng.