Solved

NFS file permissions

Posted on 2003-11-04
8
1,935 Views
Last Modified: 2009-12-16
Hii all ,

  I set up a NFS file system on my RedHat 7.1 server . I have successfully exported a directory on one server and I am able to mount it on the another server . I have exported the file with rw permissions. My problem is that when ever i write a file or data on the mounted directory then owner and group membership changes across the server . I see a totally different user as the owner of this file . How can I set this up so that both the users to be are same on both the side or if i can map a single user to be the owner for this directory.
  Hope U will be able to help me

Thanks and regards

Anup
 
0
Comment
Question by:anupnellip
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 18

Expert Comment

by:liddler
ID: 9677727
As far as linux sees it the file is owned by the UID / GID ,which it reads from its local /etc/hosts & /etc/group files.
What is probably happening is user bob (UID 1001) is changing the file on Server2, then server1 looks up the UID 1001 in its own /etc/hosts and sees that is user fred.
The way to prevent this is to keep the hosts / groups in sync between your servers.  You can either do this manually or use a ditributed user service such as NIS, NIS+ or LDAP
0
 
LVL 10

Author Comment

by:anupnellip
ID: 9677760
Hii liddler

 Thanks for the reply . I believe wha u said is right . How can i sync user id manually . I only need to do this once as there r not many users
Thanks

Anup
0
 
LVL 18

Accepted Solution

by:
liddler earned 200 total points
ID: 9677859
Decide which machine is your master, then change the UID on the second machine, either by manually editing the /etc/hosts file or using usermod -u <New UID> username.
For groups either change /etc/group of usermod -g
However, your will then have to change their home directory (and other directory they currently own) to the new UID / GID.  i.e.
chown -R <New UID>:<New GID> /home/username
I'd do a full backup before starting this and I'd let the users know you are doing it, and if you get any problems with programs not working as they did before, check permissions and / or ownerships on executeables / logs /temp dir etc
0
Interactive Way of Training for the AWS CSA Exam

An interactive way of learning that will help you visualize core concepts so that you can be more effective when taking your AWS certification exam.  Built for students by a student to help them understand the concepts that they are being taught.

 
LVL 18

Expert Comment

by:liddler
ID: 9678055
Sorry, for some old reason I kept typing /etc/hosts , when I meant /etc/passwd
0
 
LVL 6

Expert Comment

by:bummerlord
ID: 9678870
and/or you can use a map file (actually not sure if nfs impl on RH7.1 supports this)

e.g. in /etc/exports
/path remotemachine(rw,no_root_squash,map_static=/etc/nfsusers.map)

To map remote uid/gid 100 and 101 to 1000, 1001 nfsusers.map could contiain:
---
uid  100   1000
gid  100   1000

uid 101    1001
gid 101    1001
---

/b
0
 
LVL 6

Expert Comment

by:bummerlord
ID: 9678903
(If it works you could easily make a script that keeps this map file up to date of course...)
I also recall there being a special daemon for maping "daemon" accounts (what makes a daemon account would be up to you I imagine.. I've never used such a daemon I might add.
0
 
LVL 38

Expert Comment

by:yuzh
ID: 9683667
You are on the RIGHT track, the user ID, group ID should be the same. if you have only 2 boxes
the way you do it is fine.

If you have 50+,  100+, 1000+ boxes, you should thing about use NIS+/NIS/LDAP to manager the
user account. eg, use NIS+, you only need to create and modify a user account in the Master server,
and the user can login to all the boxes in your network. automount (auto_direct) is also very handy
for NFS mount filesystem.
0
 
LVL 10

Author Comment

by:anupnellip
ID: 9685087
Hii guys ,
   Thanks for guiding me in the right direction . I was able to solve the problem by using the following options in the export file
 (rw,rw,all_squash,anonuid=173,anongid=115) . As i needen only one user to be maped for this dirictory this was the ideal solution for me . anouid/anogid maps the remote user id to a single user id on local server .

Thanks

Anup

0

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to demonstrate how we can use conditional statements using Python.
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will giveā€¦
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question