Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How do I copy files to a NFS mount directory and also preserve the group and user ownership of the files?

Posted on 2008-10-17
7
Medium Priority
?
6,956 Views
Last Modified: 2013-12-21
Hi,

I am in the process of transferring files from a systems local directory to a NFS mount directory on that same system.  In the process of copying the files from the old directory to the NFS mount directory, I receive several messages of "cp: failed to preserve ownership for <file name> : Not owner" .  The previous user and group owners have now changed to nobody4 and nogroup in the NFS mount directory.  Please assist on the command that I should have used to prevent this from happening?  Is there something that I should configure on the NAS system (NetApp)?  If there so, please provide a solution.  I really appreciate your help.
0
Comment
Question by:gsalcedo
7 Comments
 
LVL 22

Expert Comment

by:Brian Utterback
ID: 22743109
You need to run the command as root with the "-p" option to cp. In addition, you need to have root access to the NFS mount, which is doesn't sound like you have. In that case, you need to run the cp command from the account of the user that owns those files. You can use the su command to become the user and then run the cp command.  When the root user on a system is not set as a trusted root account, you usually find that the files that root creates on the NFS volume end up owned as "nobody"
0
 

Author Comment

by:gsalcedo
ID: 22743522
Hi blu,

When I copy the files, I did it as root.  The command that I used was cp -pr <file name> <NFS mount directory>.  Even as root, I still receive the "cp: failed to preserve ownership for <file name> : Not owner" errors.  Is there some options that I am supposed select on the NAS system's NFS export volume, such as Actual Path, Anonymous User ID, Root Access and more?
0
 
LVL 22

Expert Comment

by:Brian Utterback
ID: 22743692
Correct. The key thing is the "root access". Without root access, the remote root user is treated as an ordinary user, namely the "nobody" user. That means that the attempts to change the owner of the file failed and the file owner was left as "nobody". If you set root access for the remote system, then the root user will be treated as root and not as nobody, and the attempts to chnage the ownership will succeed.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Expert Comment

by:peter991
ID: 22765995
How does your /etc/dfs/dfstab look on the receiving node?
0
 

Author Comment

by:gsalcedo
ID: 22766362
Hi Everyone,

The problem was not the options that I indicated with the "cp" command, but the options that I selected on the NFS server (NetApp).  One of the options that I had to select was "Anonymous user."   After selecting that option and then running the same "cp" command with the "-pr" options, the copy of the files with the right ownership worked just fine.  Thank you very much for your advices.
0
 
LVL 22

Accepted Solution

by:
Brian Utterback earned 1500 total points
ID: 22766632
You apparently have set anonymous user to root. This is a common solution and has a similar effect as setting the root user as trusted. However, the security ramifications are huge. You should never set the anonymous user to 0 or root.  Consider what is happening:

The reason that root is not trusted by default is that this makes the access of the files on the server dependent on the trustworthiness of the client. Root has special privs, and the server relies on the client to specify the user of all operations. If the client is malicious, then it is trivial to access all files on the server as root, if the root user on the client is trusted by default.

So, the default is to set accesses by root on the client to be treated as if there are access by an anonymous users, usually nobody. Thus root on the client will only have the accesses that any user on the server would have, preventing root from accessing anything other than world readable files.

When you set anonymous user to 0, you are reversing the effect of the mapping. Root gets mapped to the anonymous user, and the anonymous user gets mapped back to root. So, this solved your problem, root gets root access on the server.

But consider, you have given root access to all clients, including untrusted ones. You have also now given root access to clients that have unauthenticated users. So, for some kind of clients that do not provide authentication (some PC clients, for instance), users using those clients will get root access to the servers, by *default*.

The correct mechanism is the one I described, namely to set the export options to trust the client the root access from individual clients, not to map the anonymous user to 0.
0
 
LVL 3

Expert Comment

by:Saranyakkali
ID: 22785588
1. Make your nfs mount as read write

share -F nfs -o rw,anon=0  /mount

mount it in local as mounttest

copy all files from mount1 to mounttest

cd /mount1; tar cvfp - . | (cd /mounttest; tar xvfp -)

that's all
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If, like me, you have a lot of Dell servers in the estate you manage this article should save you a little time. When attempting to login to iDrac on any server I would be presented with two errors. The first reads "Do you want to run this applicati…
This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses
Course of the Month8 days, 20 hours left to enroll

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question