Solved

NFS file permissions

Posted on 2003-11-04
Last Modified: 2009-12-16
Hi all,

  I set up an NFS file system on my RedHat 7.1 server. I have successfully exported a directory on one server and I am able to mount it on another server. I have exported the file with rw permissions. My problem is that whenever I write a file or data on the mounted directory, the owner and group membership change across the server. I see a totally different user as the owner of this file. How can I set this up so that the users are the same on both sides, or so that I can map a single user to be the owner for this directory?
  Hope you will be able to help me.

Thanks and regards

Anup
 
Question by:anupnellip
8 Comments
 
LVL 18

Expert Comment

by:liddler
ID: 9677727
As far as Linux sees it, the file is owned by the UID / GID, which it reads from its local /etc/hosts & /etc/group files.
What is probably happening is that user bob (UID 1001) is changing the file on Server2, then server1 looks up the UID 1001 in its own /etc/hosts and sees that it is user fred.
The way to prevent this is to keep the hosts / groups in sync between your servers. You can either do this manually or use a distributed user service such as NIS, NIS+ or LDAP.
0
 
LVL 10

Author Comment

by:anupnellip
ID: 9677760
Hi liddler,

 Thanks for the reply. I believe what you said is right. How can I sync user IDs manually? I only need to do this once, as there are not many users.
Thanks

Anup
0
 
LVL 18

Accepted Solution

by:
liddler earned 200 total points
ID: 9677859
Decide which machine is your master, then change the UID on the second machine, either by manually editing the /etc/hosts file or using usermod -u <New UID> username.
For groups, either change /etc/group or use usermod -g.
However, you will then have to change their home directory (and any other directories they currently own) to the new UID / GID, i.e.
chown -R <New UID>:<New GID> /home/username
I'd do a full backup before starting this and I'd let the users know you are doing it, and if you get any problems with programs not working as they did before, check permissions and / or ownerships on executables / logs / temp dirs etc.
0
 
LVL 18

Expert Comment

by:liddler
ID: 9678055
Sorry, for some odd reason I kept typing /etc/hosts, when I meant /etc/passwd.
0
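Added example (not part of the original thread): a shell check for the situation the accepted answer describes, run before any `usermod -u`. It compares copies of `/etc/passwd` from the master and the second machine; the function names `uid_drift` and `write_samples`, the file names and the sample accounts are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Compares passwd(5) copies from the NFS
# server ("master") and a client. Output, one finding per line:
#   MISMATCH <user> <client_uid> <master_uid>    same name, different UID
#   COLLISION <uid> <client_user> <master_user>  same UID, different name
#   BLOCKED <user> <master_uid> <holder>         target UID in use on client
uid_drift() {
    LC_ALL=C awk -F: '
        /^[#+-]/ || NF < 3 { next }     # skip comments and NIS compat lines
        FNR == NR { m_uid[$1] = $3; m_name[$3] = $1; next }   # first file
        { c_uid[$1] = $3; c_name[$3] = $1 }                   # second file
        END {
            for (u in c_uid) {
                if (!(u in m_uid) || m_uid[u] == c_uid[u]) continue
                print "MISMATCH", u, c_uid[u], m_uid[u]
                t = m_uid[u]    # UID that usermod -u would assign
                if ((t in c_name) && c_name[t] != u)
                    print "BLOCKED", u, t, c_name[t]
            }
            for (id in c_name)
                if ((id in m_name) && m_name[id] != c_name[id])
                    print "COLLISION", id, c_name[id], m_name[id]
        }
    ' "$1" "$2" | LC_ALL=C sort
}

# Constructed sample data (hypothetical accounts, echoing the bob/fred case).
write_samples() {
    cat > "$1/master.passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
fred:x:1001:1001::/home/fred:/bin/bash
bob:x:1002:1002::/home/bob:/bin/bash
alice:x:1004:1004::/home/alice:/bin/bash
EOF
    cat > "$1/client.passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
carol:x:1002:1002::/home/carol:/bin/bash
alice:x:1004:1004::/home/alice:/bin/bash
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
uid_drift "$tmp/master.passwd" "$tmp/client.passwd"
rm -rf "$tmp"
```

A BLOCKED line means the target UID already belongs to another account on the second machine, so that account has to be moved first. After any UID change, `find / -xdev -uid <old UID>` locates files outside the home directory that still carry the old number.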

 
LVL 6

Expert Comment

by:bummerlord
ID: 9678870
And/or you can use a map file (actually not sure if the NFS implementation on RH7.1 supports this).

e.g. in /etc/exports
/path remotemachine(rw,no_root_squash,map_static=/etc/nfsusers.map)

To map remote uid/gid 100 and 101 to 1000, 1001, nfsusers.map could contain:
---
uid  100   1000
gid  100   1000

uid 101    1001
gid 101    1001
---

/b
0
 
LVL 6

Expert Comment

by:bummerlord
ID: 9678903
(If it works you could easily make a script that keeps this map file up to date, of course...)
I also recall there being a special daemon for mapping "daemon" accounts (what makes a daemon account would be up to you, I imagine). I've never used such a daemon, I might add.
0
 
LVL 38

Expert Comment

by:yuzh
ID: 9683667
You are on the RIGHT track: the user ID and group ID should be the same. If you have only 2 boxes,
the way you do it is fine.

If you have 50+, 100+, 1000+ boxes, you should think about using NIS+/NIS/LDAP to manage the
user accounts. E.g., using NIS+, you only need to create and modify a user account on the Master server,
and the user can log in to all the boxes in your network. automount (auto_direct) is also very handy
for NFS-mounted filesystems.
0
 
LVL 10

Author Comment

by:anupnellip
ID: 9685087
Hi guys,
   Thanks for guiding me in the right direction. I was able to solve the problem by using the following options in the export file:
 (rw,rw,all_squash,anonuid=173,anongid=115). As I needed only one user to be mapped for this directory, this was the ideal solution for me. anonuid/anongid maps the remote user ID to a single user ID on the local server.

Thanks

Anup

0
