Troubleshooting NFS scans from a Discover server running Linux


Article ID: 159856


Updated On:


Data Loss Prevention Network Discover


Troubleshooting NFS scans from a Discover server running Linux


Here are some troubleshooting steps to help resolve issues with setting up a NSF share when the Discover server is a Linux box.

The correct syntax for the Discover target should be nfs://server/share

Do not try and  use 'root' credentials to connect to the remote share in the Discover target

Example of what is happening behind the scenes;

mount -v -t nfs /home


command < options <IP or Hostname:/share /localmountpoint

We will try and mount the NFS share into the following directory on the linux box /mnt/vontu

Make sure you can manually run the mount command as the 'protect' user from the Discover server

In regards to DLP:


so logged in as the protect account



sudo  mount -v -t nfs /mnt/vontu


To unmount:

sudo umount /mnt/vontu


To see if a NFS share has been setup, view the /etc/exports on the server where the share is.




Grant the 'protect' user permission to mount the NFS share

Make sure you see this line in the etc/sudoers file;

protect ALL= NOPASSWD: /bin/mount, /bin/umount, /usr/bin/sshfs

Please make sure these lines are also in the /etc/sudoers file;

# Vontu service user
Defaults:protect !requiretty
protect ALL= NOPASSWD: /bin/mount, /bin/umount, /usr/bin/sshfs
# Vontu content extractor user
Defaults:protect_extract !requiretty
protect ALL=(protect_extract) NOPASSWD: /opt/Vontu/jre/bin/java
Defaults>protect_extract umask=0007