I'm trying to wrap my head around how Linux file permission work over a network but I just seem to get more and more confused. I set up a fileserver with Ubuntu 10.04 Server (no GUI) and I want to share files with a few Linux desktops and laptops around the house with various users. Here is a scenario that confuses me.
I have a user on the server, jondoe, and there is a folder on the server, jon_folder, that I only want Jon to be able to see. Jon has a laptop and on that laptop he logs into Linux with the username jdoe and perhaps on a desktop he logs in as jon. Do I need to have all of those logins in the server, jdoa and jon (including the jondoa that I already have on the server)?
I have a very similar issue here. I created an account for my wife on the server as lneuman and have a folder called /data/linda. This folder is owned by user lneuman and group lneuman. She created an account on a desktop with the login linda (the passwords on the server and the desktop happen to be the same). I exported the directory as such:
Code:
/data/linda *(rw,sync)
Then:
Code:
chmod 775 /data/linda
And on her desktop added this to /etc/fstab:
Code:
servername:/data/linda /home/linda nfs defaults 0 0
Now when she logs in as linda on the desktop she can see and modify files that are in /data/linda on the server. That's great but I don't understand how this happened.
Where are the two accounts linked? There is a lneuman on the server and a linda on the desktop, they are the same human behind them, but I don't see how the linda account should have access to the /data/linda on the server that is owned my lneuman.
I then logged in under my account, todd, and modified /etc/fstab to mount /data/linda (on the server) to a new folder that I created on the desktop called /linda that is owned my user todd. I ran mount -a and it mounted and I was able to write to /data/linda. I have no idea why. What is allowing these users to write to that directory? I even changed the permissions on the server for /data/linda to 770 and from the desktop user todd was still able to write to /data/linda.
Hope that this was not all too rambling. I'm obviously missing something very important here. Thanks for any help