[Leaplist] permissions help with NFS mounts

Kevin Korb kmk at sanitarium.net
Sun Jun 28 22:35:17 EDT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You might have a file ownership problem.  In NFS the authentication is
up to the client and the numeric user and group IDs are what matters.
Consequently the numeric IDs need to be the same on both the server and
client for you to access things as a user.  If you are trying to access
things as root then read the part about root_squash in man exports.

Also, async and no_subtree_check are good performance enhancing options
to add to /etc/exports.  I have never used insecure so I can't comment
on that.

Ray Brunkow wrote:
> I just built a CentOS 5.3 NFS file server and I am having issues with
> permissions.  I have been successful at adding extra HDD and partitions
> to the fstab:
> 
> cat /etc/fstab
> LABEL=/1                /                       ext3    defaults        1 1
> LABEL=/boot1            /boot                   ext3    defaults        1 2
> tmpfs                   /dev/shm                tmpfs   defaults        0 0
> devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
> sysfs                   /sys                    sysfs   defaults        0 0
> proc                    /proc                   proc    defaults        0 0
> LABEL=SWAP-sdb1         swap                    swap    defaults        0 0
> /dev/sda3        /home1            ext3    rw,noatime,user    0 0
> /dev/sdb2        /home11            ext3    rw,noatime,user    0 0
> /dev/sdc1        /winXP            vfat    rw,noatime,user,umask=0    0 0
> /dev/sdc2        /winXP_data        ntfs-3g    rw,umask=0000,defaults   
> 0 0
> /dev/sdd3        /sdd3            ext3    rw,noatime,user    0 0
> /dev/sdd4        /sdd4            ext3    rw,noatime,user    0 0
> 
> Only / /boot    /dev/shm   /dev/pts   /proc   swap  were mounted from
> the install.  The other partitions/drives are a collection of old HDDs I
> have had laying around collecting dust.   On /home1 /home11 /winXP
> /winXP_data /sdd3 and /sdd4 i want the network users to have full rwx
> access.  This is a file server after all.  I want to be able to gain
> access to the storage, move files around, delete files, add files and
> directories, as well as mount ISO images all as if the permissions were
> 777.  YES I KNOW bad Brunkow, tough, its a file server and on those
> drives/partitions thats what I want.
> 
> I have NFS working as I can mount the shares from /etc/exports
> 
> cat /etc/exports
> /home1 192.168.2.0/255.255.255.0(rw,insecure)
> /home11 192.168.2.0/255.255.255.0(rw,insecure)
> /winXP 192.168.2.0/255.255.255.0(rw,insecure)
> /winXP_data 192.168.2.0/255.255.255.0(rw,insecure)
> /sdd3 192.168.2.0/255.255.255.0(rw,insecure)
> /sdd4 192.168.2.0/255.255.255.0(rw,insecure)
> 
> I added the 'insecure' tag from http://sial.org/howto/osx/automount/
> that made the suggestion.  They are supposed to be read write, but I can
> not write to them except the NTFS and FAT32 systems.  the ext3 file
> system I can only browse and then it is limited in most cases not
> letting me in all directories.
> 
> cat /etc/hosts.allow
> #
> # hosts.allow    This file describes the names of the hosts which are
> #        allowed to use the local INET services, as decided
> #        by the '/usr/sbin/tcpd' server.
> #
> portmap: 192.168.2.0/255.255.255.0
> 
> 
> So I can get to the NFS server from my iMAC, but the permissions are not
> what I need/want.  What adjustments and were do I need to make the
> adjustments to get my desired results.
> 
> My guess is someplace in the fstab, but I was lucky enough to edit that
> to add the directories and get NFTS mounted in the first place as it
> seems there is a known issue with CentOS 5.3 not working with mount ntfs
> and you have to hack it with fose and ntfs-3g and a few other
> applications/files/whatevertheyarecalled from a 3rd party repository.
> 
> At least I do have full access to those files...
> 
> Thanks for the help.
> 
> uname -a
> Linux AMD64-FILE1 2.6.18-128.1.14.el5 #1 SMP Wed Jun 17 06:40:54 EDT
> 2009 i686 athlon i386 GNU/Linux
> 
> 

- --
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
	Kevin Korb			Phone:    (407) 252-6853
	Systems Administrator		Internet:
	FutureQuest, Inc.		Kevin at FutureQuest.net  (work)
	Orlando, Florida		kmk at sanitarium.net (personal)
	Web page:			http://www.sanitarium.net/
	PGP public key available on web site.
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)

iEYEARECAAYFAkpIKGUACgkQVKC1jlbQAQfp+ACgj+8y30dAMBWKZEblqGMkGjY7
FZcAoJhUUCXlbmIHjz7cYRA8jHiV5eED
=eCTa
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the Leaplist mailing list