Troubleshooting NFS scans from a Discover server running Linux

Here are some troubleshooting steps to help resolve issues with setting up a NSF share when the Discover server is a Linux box.

The correct syntax for the Discover target is: nfs://server/share

Do not use 'root' credentials to connect to the remote share in the Discover target

Example of what is happening behind the scenes;

mount -v -t nfs 192.168.1.1:/share /home

command < options <IP or Hostname>:/share /localmountpoint

We will try and mount the NFS share into the following directory on the linux box /mnt/vontu

Make sure you can manually run the mount command as the 'protect' user from the Discover server

In regards to DLP:

so logged in as the protect account

Example:

sudo  mount -v -t nfs <hostname>:/home/shared /mnt/vontu

To unmount:

sudo umount /mnt/vontu

To see if a NFS share has been setup, view the /etc/exports on the server where the share is.

Grant the 'protect' user permission to mount the NFS share

Make sure you see this line in the etc/sudoers file;

protect ALL= NOPASSWD: /bin/mount, /bin/umount, /usr/bin/sshfs

Please make sure these lines are also in the /etc/sudoers file;

# Vontu service user
Defaults:protect !requiretty
protect ALL= NOPASSWD: /bin/mount, /bin/umount, /usr/bin/sshfs
 
# Vontu content extractor user
Defaults:protect_extract !requiretty
protect ALL=(protect_extract) NOPASSWD: /opt/Vontu/jre/bin/java
Defaults>protect_extract umask=0007