Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
NFS permission problem
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
jukka
Apprentice
Apprentice


Joined: 06 Jun 2002
Posts: 249
Location: Zurich, Switzerland

PostPosted: Tue Jan 07, 2003 3:04 pm    Post subject: NFS permission problem Reply with quote

hi,

i use kernel based nfs, version 3, to export /usr/portage for other machines.
Code:
$ cat /etc/exports
/usr/portage    192.168.1.1() 192.168.1.2() 192.168.1.3()

mounting this export on any of the three boxes which are allowed to works.
my problem: i expected the files to be owned by nobody (uid and gid 65534) for the clients, but instead they have the same permissions as on the servers disk fs. i already tried the anonuid, anongid, all_squash and root_squash options with my export definition, without success. what am i missing?

tia, jukka
Back to top
View user's profile Send private message
Rider
Tux's lil' helper
Tux's lil' helper


Joined: 07 Jan 2003
Posts: 85
Location: Berne, Switzerland

PostPosted: Tue Jan 07, 2003 5:18 pm    Post subject: Re: NFS permission problem Reply with quote

hi!

jukka wrote:
i already tried the anonuid, anongid, all_squash and root_squash options with my export definition, without success. what am i missing?


hmm, you don't get any errors in your syslog?

make sure that you run 'exportfs -ra' after you have changed your '/etc/exports' file.

you could try the 'map_static' option which allows you to specify the uid and gid in a map file. The syntax of the map file is described in the 'exports(5)' man page.


otherwise plz poste your exact exports file (the one with the anonuid / gid options enabled)
Back to top
View user's profile Send private message
jukka
Apprentice
Apprentice


Joined: 06 Jun 2002
Posts: 249
Location: Zurich, Switzerland

PostPosted: Tue Jan 07, 2003 6:51 pm    Post subject: Re: NFS permission problem Reply with quote

sali, ;-)
Rider wrote:
hmm, you don't get any errors in your syslog?

no, because everything works, but not the way i want it to. i guess i misunderstand some very basic nfs concepts...

Quote:
make sure that you run
Code:
exportfs -ra
after you have changed your
Code:
/etc/exports

i use the latest stable gentoo ebuild (nfs-utils-0.3.3-r1). on reload, a 'exportfs -r' is done (i think this is sufficient, -a is superfluous).

Quote:
you could try the
Code:
map_static
option which allows you to specify the uid and gid in a map file.

i use nfs version 3, map_static was version 2. or i can't find it anymore in the exports man page...

Quote:
otherwise plz poste your exact exports file (the one with the anonuid / gid options enabled)

yes, please. nfs server box:
Code:
$ cat /etc/exports
/usr/portage    192.168.1.1() 192.168.1.2(ro,all_squash) 192.168.1.3()

nfs client box (192.168.1.2):
Code:
$ mount -t nfs servername:/usr/portage /mnt/test -o ro,rsize=8192,wsize=8192 && echo ok
ok
$ ls -ld /mnt/test/*xt
drwxr-xr-x  114 root     root         4096 Jan  7 11:27 app-text/
-rw-r--r--    1 root     root          129 Jan  3 09:20 header.txt

hmm, i could mount it, but the files still have [ud]id zero. i expect them to be owned by 'nobody'...

thanks your your help so far!

gruess, jukka
Back to top
View user's profile Send private message
Rider
Tux's lil' helper
Tux's lil' helper


Joined: 07 Jan 2003
Posts: 85
Location: Berne, Switzerland

PostPosted: Tue Jan 07, 2003 8:18 pm    Post subject: Re: NFS permission problem Reply with quote

salü (luschtig niemer vürsteit das ;-))

Quote:

yes, please. nfs server box:
Code:
$ cat /etc/exports
/usr/portage    192.168.1.1() 192.168.1.2(ro,all_squash) 192.168.1.3()

nfs client box (192.168.1.2):
Code:
$ mount -t nfs servername:/usr/portage /mnt/test -o ro,rsize=8192,wsize=8192 && echo ok
ok
$ ls -ld /mnt/test/*xt
drwxr-xr-x  114 root     root         4096 Jan  7 11:27 app-text/
-rw-r--r--    1 root     root          129 Jan  3 09:20 header.txt

hmm, i could mount it, but the files still have [ud]id zero. i expect them to be owned by 'nobody'...


hmm, this is realy strange... I've got just one last stupid idea:
Doesn't it works even if you have just
Code:
/usr/portage 192.168.1.2(ro,all_squash)
(exactly like that) in your exports file? because a few days ago I had some troubles, and then I found out that I had a space too much in my export file :(

viellech hiufts ;-)
vieu glück!
Back to top
View user's profile Send private message
jukka
Apprentice
Apprentice


Joined: 06 Jun 2002
Posts: 249
Location: Zurich, Switzerland

PostPosted: Tue Jan 07, 2003 9:07 pm    Post subject: Re: NFS permission problem Reply with quote

Rider wrote:
salü (luschtig niemer vürsteit das ;-))

waerinizosichr! ;-)

Quote:
hmm, this is realy strange... I've got just one last stupid idea:
Doesn't it works even if you have just
Code:
/usr/portage 192.168.1.2(ro,all_squash)
(exactly like that) in your exports file? because a few days ago I had some troubles, and then I found out that I had a space too much in my export file :(

yes, same problem. hmm, i think i'll have to read the sources...

messi trotzdaem!
Back to top
View user's profile Send private message
jukka
Apprentice
Apprentice


Joined: 06 Jun 2002
Posts: 249
Location: Zurich, Switzerland

PostPosted: Tue Jan 07, 2003 9:35 pm    Post subject: Reply with quote

one more problem: if i export and mount parts of a filesystem, i get 'Permission denied' errors when the client tries to write to the nfs...
server:
Code:
$ cat /etc/exports
/usr/portage 192.168.1.2(rw)

client:
Code:
$ mount -t nfs 192.168.1.4:/usr/portage /mnt/test -o fw
$ mount
...
192.168.1.4:/usr/portage on /mnt/test type nfs (rw,addr=192.168.1.4)
...
$ touch /mnt/test/file
touch: creating `/mnt/test/file': Permission denied

no syslog errors... damn. i think it's a really silly mistake i don't notice...
Back to top
View user's profile Send private message
jukka
Apprentice
Apprentice


Joined: 06 Jun 2002
Posts: 249
Location: Zurich, Switzerland

PostPosted: Tue Jan 07, 2003 9:53 pm    Post subject: Reply with quote

jukka wrote:
i think it's a really silly mistake i don't notice...

yes, it was... :oops:
i thought the client would see the squashed id's. for example, when the client lists a dir containing files owned by root, the client would see files owned by nobody...
of course it's the opposite way round: the client's id's get squashed, so if root@client writes to a nfs, the resulting file is owned by nobody...

admins, you better flush this thread, it only wastes disk space... ;-)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum