NFS non root read write access
Hi Im wondering if someone could help me.
I'm having a little trouble, this is what im trying to do I want the user apache on machine 1 to have full read/write access to all the files of all the different users on server2 and server3, im not too sure on permissions etc. Currently my only idea is to mount the /home directories of server2 and server3 in /var/www using NFS bu the user apache just gets permission denied errors when trying to access a file on one of the mounts. Any help/ideas would be much appreciated. Kind Regards Matthew |
OK, so let's say you are mounting /home/matthew from the host machine onto a local directory on the apache machine. On the host machine, not apache, you have to type this
chmod 777 /home/matthew/* Make sure you have all your NFS config files set up correctly to deny access to all ip addresses but your own from the apache machine. If it is not done correctly, it may be possible for people from the outside to access/change these folders. |
Hi, thanks for the reply, I have considered that but if I do that then surely the other users on the host machine could read/write other users files?
Matthew |
Lol, sorry, I am thinking about a single user machine (all 3 of my desktops are used bya single different person). Sorry, I'm lost, I never considered that problem.
|
Ah ok I understand, security isnt much of a problem for this project but I would like some basic security so that users dont accidentally delete or edit other users files.
Matthew |
hi
check the /etc/exports file are the directories exported have given the rwx permissions or not |
Doesn't matter if they do or not. On the server, you still have to have the right permissions on the directories that are being shared. I had the same problem as him. If you put down that root is the only one that can write to a directory, it doesn't matter what is in /etc/exports, it still won't write.
|
Ok so how can I fix this problem?
Matthew |
Sorry, I mis-worded my last post. It does matter, I meant to say that that was most likely not the problem cause I had the same issue (i type to fast without thinking and often I don't double check what I have typed)
Anyways, I don't think there is any other way to fix the problem other than what we stated before, which is why NFS is often considered insecure. In the end you may have to do what I suggested. Is anyone else either able to give a better solution or at least confirm that I am right? |
All times are GMT -5. The time now is 03:32 AM. |