Hi guys,

I have two home computers with Ubuntu 11.04 on it. My desktop PC (let's call it "server") and my laptop (let's call it "client").

What I'd like to do now is export a directory on the server via NFS and mount it as a network share on the client using "mount" and NFS. So far so good. Now comes the problem.

In order to use "mount" on the client I have to do a lovely "sudo". However, when I do that, I merely get read-only access to the exported directory and each time I want to copy a file to the directory the client tells me "no permission". I do have exported the directory with the "rw"-option, though.

The problem seems to be that whenever you mount a NFS directory as client-user "root" (which I can't avoid when using "sudo"), the server automatically maps that to the server-user "nobody" for security purposes. There seems to be a "no_root_squash"-option for the NFS server to prevent that, but it's not recommended - again due to security issues.

So what's the proper way to export a directory? Should the exported directory be owned by the server-user "root" or by some other user? How does the client get write permission in the exported directory when using sudo? Or is there a way without using sudo?

Here's my server's /etc/exports:
========
/exports/data_pool 192.168.3.0/255.255.255.0(rw,sync)
========

TIA for all your help,
Blackhole

Mounting user has nothing to permissions in NFS, important is user who get access to resources. There are few methods to restrict permissions in NFS, depending on needs. For example if you want the same users on server and client, use IDMAP daemon or give them the same uids, and use chmod/chown on the server to set permissions for that user. If you other side want a host IP based permissions, as I have, you can use all_squash and anonuid/anongid arguments in exports list to redirect all access from some IP to specified user and group. Look also on the "sec" argument.