NFS mount failure

Hello, everyone.

After installing 10.0.2, nfs mount with tcp fails. It succeeds with udp.

The following command will fail.
$ mount_nfs -o tcp fileserver:/export /tmp/mnt

The following command will succeed.
 $ mount_nfs -o udp fileserver:/export /tmp/mnt
 
Parents
  • Hi Takahiro,

    Sorry to hear that you're having trouble. Can you confirm that the system extensions are loaded correctly and that the endpoint was rebooted after install?

    After a reboot, if it's still not working an SDU would help us with our investigation. Please provide an SDU from the affected machine by following these steps:

    • Go into Central, find the device, and click on the generate SDU button
    • Once the sdu is uploaded, post the file name here so we can extract it and take a look

    Thanks for your feedback

Reply
  • Hi Takahiro,

    Sorry to hear that you're having trouble. Can you confirm that the system extensions are loaded correctly and that the endpoint was rebooted after install?

    After a reboot, if it's still not working an SDU would help us with our investigation. Please provide an SDU from the affected machine by following these steps:

    • Go into Central, find the device, and click on the generate SDU button
    • Once the sdu is uploaded, post the file name here so we can extract it and take a look

    Thanks for your feedback

Children
  • Thank you for your reply.

    I authorized the kext manualy, But system extensions are not loaded correctly.

    ----------------------------------------------------------------

    # spctl kext-consent list

    Allowed Team Identifiers:

    2H5GFH3774

    # kextstat |grep -i sophos

    Executing: /usr/bin/kmutil showloaded

    No variant specified, falling back to release
    ----------------------------------------------------------------

    I uploaded SDU with the following name.

    8cc41d8c-bb4a-d4c6-7a46-04292afa91fe_2021-02-08-05-26-05.zip

    Thank you for your support.

  • Hi,

    This file has not yet reached us at Sophos, are you able to trigger an SDU once more?

    We wouldn't expect kexts to be loaded on Big Sur, but we would expect our system extensions to load correctly - can you share some more details on what appears to be the problem with them?

    Could you also provide the output of the following command? Thanks

    systemextensionsctl list

  • I'm sorry, SDU was failing. I ran SDU again.

    I uploaded SDU with the following name.

    deb6009c-e20c-0425-3aac-7f4425d509dc_2021-02-09-10-30-49.zip

    The output of the systemctl command is as follows.

    # systemextensionsctl list

    2 extension(s)

    --- com.apple.system_extension.network_extension

    enabled active teamID bundleID (version) name [state]

    * * 2H5GFH3774 com.sophos.endpoint.networkextension (1.0/2) networkextension [activated enabled]

    --- com.apple.system_extension.endpoint_security

    enabled active teamID bundleID (version) name [state]

    * * 2H5GFH3774 com.sophos.endpoint.scanextension (1.0/1.0) com.sophos.endpoint.scanextension [activated enabled]

  • Thank you for the info, we'll have an engineer look at the SDU.

    In the meantime be on the lookout for v10.0.3, the update is rolling out this week and we'd be keen to know if any of the updates fix the issue you're seeing.

  • Thank you for your reply.

    I'm waiting for the survey results from the engineers.

    I would like to update when 10.0.3 is released.

     
    Thank you for your support.

  • I updated to 10.0.3, but it didn't improve.
     
    Please let us know if you have any other information you need.
  • Hello, I'm Frank, developer at the Mac Endpoint team. 

    I'm trying to recreate the NFS mount issue so I've set up an NSF share on my NAS. Both TCP and UDP mount succeed with version 10.0.3 and 10.0.4 in my setup; files on the share can we read and written on Big Sur.

    Questions:

    1) what is the exact console output when trying to mount via TCP?

    2) does turning off "Real Time Scanning Files & Internet" and/or "Malicious Traffic Detection" change anything in the outcome?  

    Thanks,

    Frank

  • I’m sorry for the late reply.Thank you for your reply.

    I tried it with 10.0.4 in my environment, but it didn't work.

    > 1) what is the exact console output when trying to mount via TCP?

    The output is as follows

    root# mount_nfs -o tcp 172.19.76.158:/System/Volumes/Data/exports /tmp/mnt
    mount_nfs: can't mount /System/Volumes/Data/exports from 172.19.76.158 onto /private/tmp/mnt: Permission denied
    root# mount_nfs -o udp 172.19.76.158:/System/Volumes/Data/exports /tmp/mnt
    root# echo $?
    0

    > 2) does turning off "Real Time Scanning Files & Internet" and/or "Malicious Traffic Detection" change anything in the outcome?  

    I disabled the above settings, but it didn't improve.

    Please let us know if you have any other information you need.

    Thank you for your support.