AchilleTalon
Guru
Joined: 11 Apr 2004
Posts: 368
Location: Montreal, Quebec, Canada
|
 Posted: Thu Dec 04, 2014 2:57 pm Post subject: NFSv4, Kerberos and files ownership on a shared filesystem |
 |
|
I have a NFSv4 environment using MIT Kerberos to manage authentication/access to shared filesystems.
I have a filesystem exported read-write to a client, this client is mounting the filesystem read-write. I can perform the expected operations with a regular user. So far, so good.
Now, my question/problem is what about an application creating/writing files into that filesystem which need to change the ownership of the files to a generic user with no right to login on the client, neither on the server. The no_root-squash option seems not to work for the root user being recognized as root on both sides. Do I need to create a principal for root in Kerberos or can I just create a principal for the user with no right to login? Am I trying to do something unfeasible?
_________________
Achille Talon Hop! |
|
Networking & Security
