View previous topic :: View next topic |
Author |
Message |
jukka Apprentice
Joined: 06 Jun 2002 Posts: 249 Location: Zurich, Switzerland
|
Posted: Tue Jan 07, 2003 3:04 pm Post subject: NFS permission problem |
|
|
hi,
i use kernel based nfs, version 3, to export /usr/portage for other machines. Code: | $ cat /etc/exports
/usr/portage 192.168.1.1() 192.168.1.2() 192.168.1.3() |
mounting this export on any of the three boxes which are allowed to works.
my problem: i expected the files to be owned by nobody (uid and gid 65534) for the clients, but instead they have the same permissions as on the servers disk fs. i already tried the anonuid, anongid, all_squash and root_squash options with my export definition, without success. what am i missing?
tia, jukka |
|
Back to top |
|
|
Rider Tux's lil' helper
Joined: 07 Jan 2003 Posts: 85 Location: Berne, Switzerland
|
Posted: Tue Jan 07, 2003 5:18 pm Post subject: Re: NFS permission problem |
|
|
hi!
jukka wrote: | i already tried the anonuid, anongid, all_squash and root_squash options with my export definition, without success. what am i missing?
|
hmm, you don't get any errors in your syslog?
make sure that you run 'exportfs -ra' after you have changed your '/etc/exports' file.
you could try the 'map_static' option which allows you to specify the uid and gid in a map file. The syntax of the map file is described in the 'exports(5)' man page.
otherwise plz poste your exact exports file (the one with the anonuid / gid options enabled) |
|
Back to top |
|
|
jukka Apprentice
Joined: 06 Jun 2002 Posts: 249 Location: Zurich, Switzerland
|
Posted: Tue Jan 07, 2003 6:51 pm Post subject: Re: NFS permission problem |
|
|
sali,
Rider wrote: | hmm, you don't get any errors in your syslog? |
no, because everything works, but not the way i want it to. i guess i misunderstand some very basic nfs concepts...
Quote: | make sure that you run after you have changed your |
i use the latest stable gentoo ebuild (nfs-utils-0.3.3-r1). on reload, a 'exportfs -r' is done (i think this is sufficient, -a is superfluous).
Quote: | you could try the option which allows you to specify the uid and gid in a map file. |
i use nfs version 3, map_static was version 2. or i can't find it anymore in the exports man page...
Quote: | otherwise plz poste your exact exports file (the one with the anonuid / gid options enabled) |
yes, please. nfs server box: Code: | $ cat /etc/exports
/usr/portage 192.168.1.1() 192.168.1.2(ro,all_squash) 192.168.1.3() |
nfs client box (192.168.1.2): Code: | $ mount -t nfs servername:/usr/portage /mnt/test -o ro,rsize=8192,wsize=8192 && echo ok
ok
$ ls -ld /mnt/test/*xt
drwxr-xr-x 114 root root 4096 Jan 7 11:27 app-text/
-rw-r--r-- 1 root root 129 Jan 3 09:20 header.txt |
hmm, i could mount it, but the files still have [ud]id zero. i expect them to be owned by 'nobody'...
thanks your your help so far!
gruess, jukka |
|
Back to top |
|
|
Rider Tux's lil' helper
Joined: 07 Jan 2003 Posts: 85 Location: Berne, Switzerland
|
Posted: Tue Jan 07, 2003 8:18 pm Post subject: Re: NFS permission problem |
|
|
salü (luschtig niemer vürsteit das )
Quote: |
yes, please. nfs server box: Code: | $ cat /etc/exports
/usr/portage 192.168.1.1() 192.168.1.2(ro,all_squash) 192.168.1.3() |
nfs client box (192.168.1.2): Code: | $ mount -t nfs servername:/usr/portage /mnt/test -o ro,rsize=8192,wsize=8192 && echo ok
ok
$ ls -ld /mnt/test/*xt
drwxr-xr-x 114 root root 4096 Jan 7 11:27 app-text/
-rw-r--r-- 1 root root 129 Jan 3 09:20 header.txt |
hmm, i could mount it, but the files still have [ud]id zero. i expect them to be owned by 'nobody'...
|
hmm, this is realy strange... I've got just one last stupid idea:
Doesn't it works even if you have just
Code: | /usr/portage 192.168.1.2(ro,all_squash) | (exactly like that) in your exports file? because a few days ago I had some troubles, and then I found out that I had a space too much in my export file
viellech hiufts
vieu glück! |
|
Back to top |
|
|
jukka Apprentice
Joined: 06 Jun 2002 Posts: 249 Location: Zurich, Switzerland
|
Posted: Tue Jan 07, 2003 9:07 pm Post subject: Re: NFS permission problem |
|
|
Rider wrote: | salü (luschtig niemer vürsteit das ) |
waerinizosichr!
Quote: | hmm, this is realy strange... I've got just one last stupid idea:
Doesn't it works even if you have just
Code: | /usr/portage 192.168.1.2(ro,all_squash) | (exactly like that) in your exports file? because a few days ago I had some troubles, and then I found out that I had a space too much in my export file |
yes, same problem. hmm, i think i'll have to read the sources...
messi trotzdaem! |
|
Back to top |
|
|
jukka Apprentice
Joined: 06 Jun 2002 Posts: 249 Location: Zurich, Switzerland
|
Posted: Tue Jan 07, 2003 9:35 pm Post subject: |
|
|
one more problem: if i export and mount parts of a filesystem, i get 'Permission denied' errors when the client tries to write to the nfs...
server: Code: | $ cat /etc/exports
/usr/portage 192.168.1.2(rw) |
client: Code: | $ mount -t nfs 192.168.1.4:/usr/portage /mnt/test -o fw
$ mount
...
192.168.1.4:/usr/portage on /mnt/test type nfs (rw,addr=192.168.1.4)
...
$ touch /mnt/test/file
touch: creating `/mnt/test/file': Permission denied |
no syslog errors... damn. i think it's a really silly mistake i don't notice... |
|
Back to top |
|
|
jukka Apprentice
Joined: 06 Jun 2002 Posts: 249 Location: Zurich, Switzerland
|
Posted: Tue Jan 07, 2003 9:53 pm Post subject: |
|
|
jukka wrote: | i think it's a really silly mistake i don't notice... |
yes, it was...
i thought the client would see the squashed id's. for example, when the client lists a dir containing files owned by root, the client would see files owned by nobody...
of course it's the opposite way round: the client's id's get squashed, so if root@client writes to a nfs, the resulting file is owned by nobody...
admins, you better flush this thread, it only wastes disk space... |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|