user permission issue

[bbcairway]

On the client, some works for example :
sudo mount -t nfs -o vers=4.1,sec=sys,port=2050 192.168.0.170:/home/user1 /mnt/nfs_shared
be correct, but
sudo mount -t nfs -o vers=4.1,sec=sys,port=2050 192.168.0.170:/ /mnt/nfs_shared
is succeed
How sould I limit the use of the directory / and /home for client ?

The nfs server config is

 "nfs_server": {
        "port": 2050,
        "irods_mount_point": "/tempZone",
        "user_information_refresh_time_in_milliseconds": 3600000,
        "file_information_refresh_time_in_milliseconds": 1000,
        "user_access_refresh_time_in_milliseconds": 1000,
        "object_type_refresh_time_in_milliseconds": 300000,
        "user_permissions_refresh_time_in_milliseconds": 300000,
        "user_type_refresh_time_in_milliseconds": 300000,
        "list_operation_query_results_refresh_time_in_milliseconds": 30000,
        "allow_overwrite_of_existing_files": true,
        "using_oracle_database": false
    },

The nfs server exports is
/home/user1 *(rw)

[korydraughn]

One thing that stands out is that the line in the exports file does not contain acl. NFSRODS requires that option always be set.

Is that export entry defined in the NFSRODS-specific exports file?

I've confirmed the following configurations work as intended.

Case 1

# file: exports
/ *(rw,acl,sec=sys,no_root_squash)

sudo mount -o port=2050 localhost:/home/kory /mnt/nfsrods

Case 2

# file: exports
/home/kory *(rw,acl,sec=sys,no_root_squash)

sudo mount -o port=2050 localhost:/home/kory /mnt/nfsrods

Given you mention there's a permission issue, I think all you need to do is make sure the acl option is defined for each export entry.