`mountPermissions` is applied to the root directory of the NFS server.

[krpsh123]

What happened:

I0722 13:45:57.760210       1 utils.go:109] GRPC call: /csi.v1.Controller/CreateVolume
I0722 13:45:57.760239       1 utils.go:110] GRPC request: {"capacity_range":{"required_bytes":1073741824},"name":"pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c","parameters":{"csi.storage.k8s.io/pv/name":"pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c","csi.storage.k8s.io/pvc/name":"nfs-pvc-42-nfs-mtls","csi.storage.k8s.io/pvc/namespace":"default","mountPermissions":"2770","server":"p-karpov-master-0","share":"/mnt/nfs_mtls"},"secrets":"***stripped***","volume_capabilities":[{"AccessType":{"Mount":{"fs_type":"ext4","mount_flags":["nfsvers=4.2","xprtsec=mtls"]}},"access_mode":{"mode":5}}]}
I0722 13:45:57.760684       1 controllerserver.go:500] internally mounting p-karpov-master-0:/mnt/nfs_mtls at /tmp/pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c
I0722 13:45:57.760840       1 nodeserver.go:132] NodePublishVolume: volumeID(p-karpov-master-0#mnt/nfs_mtls#pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c##) source(p-karpov-master-0:/mnt/nfs_mtls) targetPath(/tmp/pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c) mountflags([nfsvers=4.2 xprtsec=mtls])
I0722 13:45:57.761135       1 mount_linux.go:243] Detected OS without systemd
I0722 13:45:57.761150       1 mount_linux.go:218] Mounting cmd (mount) with arguments (-t nfs -o nfsvers=4.2,xprtsec=mtls p-karpov-master-0:/mnt/nfs_mtls /tmp/pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c)
I0722 13:45:57.881749       1 utils.go:167] chmod targetPath(/tmp/pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c, mode:020004000777) with permissions(02770)

Mounting the root of the NFS export.

I0722 13:45:57.760684       1 controllerserver.go:500] internally mounting p-karpov-master-0:/mnt/nfs_mtls at /tmp/pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c

Use chmod to set permissions on the root directory of the NFS export.

I0722 13:45:57.881749       1 utils.go:167] chmod targetPath(/tmp/pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c, mode:020004000777) with permissions(02770)

What you expected to happen:
Use chmod to set permissions on a subfolder within the NFS export.

I0722 13:45:57.881749       1 utils.go:167] chmod targetPath(/tmp/pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c/pvc-55c343db-d7d5-49f5-b028-5d79fd7ae36c, mode:020004000777) with permissions(02770)

How to reproduce it:
Create a Pod and a PVC.

Environment:

• CSI Driver version: v4.11.0
• Kubernetes version: v1.31.9
• OS (e.g. from /etc/os-release): Ubuntu 22.04.5 LTS
• Kernel: 6.8.0-57-generic

[krpsh123]

I’ve attached a patch that addresses the issue by adding support for mountPermissions when mounting snapshot volumes. It works in my setup, but I’m not sure if this approach aligns with your design or implementation plans — so please review and let me know what you think.

Thanks!

add-mountPermissions-to-snapshot.patch.gz