1. Managing Network File Systems in Oracle Solaris 11.4
  2. Network File System Features
  3. How the NFS Service Works
  4. Features in NFS Version 4
  5. Sharing a Labeled File System

Sharing a Labeled File System

By default, you cannot use NFS to access files or directories that have been explicitly upgraded in a labeled ZFS file system. If you need to access labeled files using NFS, you must override the default policy on the remote client by using the labeled option while sharing. When the labeled option is enabled, the NFS client's identity is mapped to a local identity, which enables the client to access the labeled files and directories.

Ensure that the svc:/network/nfs/mapid service is online: 

$ svcs network/nfs/mapid

Use the labeled option while sharing: 

# zfs set share.nfs.labeled=on rpool/filesystem

Caution:

To minimize the risk of identity spoofing when using the labeled option, use one of the NFS security options specified in the nfssec(7) man page.

For more information about file labeling, see Sharing and Mounting Labeled File Systems in Securing Files and Verifying File Integrity in Oracle Solaris 11.4.