Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
NFS share blocked based on user?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
hasues
n00b
n00b


Joined: 04 Mar 2004
Posts: 54

PostPosted: Sat Aug 27, 2011 6:00 am    Post subject: NFS share blocked based on user? Reply with quote

I have three hosts. One is the nfs server, and two are nfs clients. On one of the clients, logged in as my user id, I can not access the data on that share.

On the client with the user having the issue:
[myuser] $ cd /home

[myuser] $ ls
myuser photos

[myuser] $ ls -la
total 24
drwxr-xr-x 4 root root 4096 Nov 19 2009 .
drwxr-xr-x 22 root root 4096 Aug 24 01:32 ..
drwxr-xr-x 150 myuser users 4096 Aug 26 18:55 myuser
-rw-r--r-- 1 root root 0 Aug 3 2006 .keep
drwxrwx--x 176 1023 pixpeeps 12288 Aug 20 19:39 photos

[myuser] $ mount |grep nfs
mindpaint:/home/photos on /home/photos type nfs (ro,addr=192.168.74.1)

[myuser] $ cd photos
[myuser] $ ls
ls: cannot open directory .: Permission denied

[myuser] $ groups
disk wheel floppy uucp audio cdrom dialout video games cdrw usb users vboxusers plugdev scanner wireshark pixpeeps

[myuser] $ cd ..
[myuser] $ sudo useradd -g pixpeeps -s /bin/bash testuser
Password:

[myuser] $ sudo passwd testuser
New password:
Retype new password:
passwd: password updated successfully

[myuser] $ su - testuser
Password:
No directory, logging in with HOME=/

testuser@myhost / $ cd /home/photos

testuser@myhost /home/photos $ ls
2002 Christmas
2003 Christmas

testuser@myhost /home/photos $

So I think this proves that the client works correctly on this host. As shown the user is in the appropriate group, but for whatever reason this user can not access the data on the share. If I create a user and put it in the same group, it works fine. The only thing I can think that changed is that the host was updated recently. This used to work fine.

/etc/fstab contains:
192.168.74.1:/home/photos /home/photos nfs ro 0 0

I'm stumped. Is something in policy kit preventing it? Pam? My user on the third host, another client, works correctly there...the UIDs and GIDs match in the /etc/passwd and /etc/group files on all hosts.
_________________
Lettuce, Pickles, hold the mayo!
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 7618
Location: almost Mile High in the USA

PostPosted: Sat Aug 27, 2011 8:40 am    Post subject: Reply with quote

Did you try rebooting/relogin on the client?

Does running 'newgrp pixpeeps' before cd'ing into the directory help? (Then client reboot/relogin may help)
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 16214

PostPosted: Sat Aug 27, 2011 4:39 pm    Post subject: Reply with quote

Your user's first sixteen groups do not contain pixpeeps. If I recall correctly, a protocol limitation causes only your first sixteen groups to be sent when checking access permissions.
Back to top
View user's profile Send private message
hasues
n00b
n00b


Joined: 04 Mar 2004
Posts: 54

PostPosted: Sat Aug 27, 2011 5:38 pm    Post subject: Number of groups. Reply with quote

A reboot shouldn't be needed because the client does work...the addition of a user proves such, and if anything it would prove there is something wrong with the user...the host was rebooted once as I wanted to make sure that I had the correct options in the nfs module.

As far as the number of groups, that appears to be the issue because if these groups are sent in ascending order of gid, pixpeeps would be last, and I recently added that user to the uucp group. I removed the disk group because I don't think the user needs access to the disk group. Thank you both for your help. I spent all day and all night looking that up, and it was mind boggling.

Haz
_________________
Lettuce, Pickles, hold the mayo!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum