Re: [SLUG] Permissions Problem

From: Ian C. Blenke (icblenke@nks.net)
Date: Fri Oct 25 2002 - 10:28:25 EDT


On Thursday 24 October 2002 23:01, Paul M Foster wrote:
> I have a local box (internal network behind the firewall) called
> spaceghost. I want to set up spaceghost to mirror all the websites we've
> built, most of which I have copies of on my local machine (rocky).
> Spaceghost has samba, nfs and apache running. This is Debian 3.0, so
> apache lives at /var/www on that machine. I've set up the exports file
> on spaceghost to export /var/www, and I've mounted it as /mnt/www on
> rocky (my box).
>
> I've changed the perms on spaceghost's directories as follows:
>
> drwxrwxr-x /var/www root web
>
> I created various directories under spaceghost's /var/www, such as:
>
> drwxrwxr-x /var/www/www.suncoastlug.org root web
>
> I created the web group and added myself to that group, so I _should_ be
> able to futz around in that directory.
>
> HOWEVER, when I attempt to copy files from rocky's
> /var/www/www.suncoastlug.org directory (where the slug site lives
> locally), to spaceghost's /var/www/www.suncoastlug.org directory, I get
> a permissions failure. Rocky's fstab file looks like this:
>
> spaceghost:/var/www /mnt/www nfs defaults,rw 0 0
>
> Any clue why I can't copy the files from rocky to spaceghost?

If you are doing this as root, you probably don't have "no_root_squash"
defined. By default, any NFS access as root is remapped to the user nobody -
this is called "root squash"ing. You must export the mountpoint as
no_root_squash for the root user on a remote box to have total access to
everything on the share.

        spaceghost# echo "/var/www rocky(rw,no_root_squash)" > /etc/exports
        spaceghost# exportfs -r

The biggest pain with NFS is getting the same UID information on all of the
clients (and the server, for that matter). Either you must have the same
/etc/passwd file everywhere, or a centralized infrastructure using
NIS/NIS+/LDAP or some other NSS pluggable method.

If you're really going to run Linux NFS, I highly recommend the
http://nfs.sourceforge.net patches for reliability and speed reasons.

-- 
- Ian C. Blenke <icblenke@nks.net>



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 16:46:40 EDT