LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   NFS and file permissions problem (https://www.linuxquestions.org/questions/linux-software-2/nfs-and-file-permissions-problem-4175438474/)

mk1234 11-23-2012 03:27 PM
NFS and file permissions problem
 
Hi,
I have a problem with NFS regarding file permissions when copying file that has no read / write permissions for group.

First, this is how I set NFS:
- created accounts for users on the server
- each user has in server's /etc/exports line with exported folder and his machine ip as well as following parameters: anonuid and anongid to match his uid/gid, rw and all_squash.
- all users are in one common group, lets call it "fornfs"
- each user has in his .profile on their machines umask set to 002

Example of /etc/exports line:
/mnt/share 192.168.1.10(rw,no_subtree_check,all_squash,anonuid=1001,anongid=1004)

Server is Debian Squeeze, clients are Kubuntu 12.04.1. Exported folder is SEC_TYPE="ext2" TYPE="ext3" (ACL doesn't work with < ext4?).

Now, if user A makes a file, it gets correct permissions (by correct I mean also rw for group) thanks to umask. He puts that file on NFS and other users from "fornfs" group can open it and edit too.

BUT, if user A gets some file via Skype for example, and that file lands on user's machine with permission 600, and user A then puts that file on NFS, other users cant use that file at all because of the permission.

What I am looking for is, if there is some kind of umask or similar that will force default permission on file being copied to NFS. Which means, user puts that file on NFS, NFS sees that file permission has no read and write for group, and corrects it. Like umask sets for new created file.

I should mention also that you should assume that users are people that do not know / care to change permission, they just expect to put file on NFS and that should work automatically. So advicing users to chmod files before putting on mounted NFS is no go (nor I d like that system depends on users behavior).

Some might suggest cron, with which I am fine with as the last solution when nothing else works. But I d prefer a more elegant solution / suggestion, like umask was a good and elegant "fix" for just created files / folders.

If you need any more details, please ask.

Thank you in advance. :)

linosaurusroot 11-24-2012 12:13 PM
Are you interested in changing the code of the NFS daemon at the point it creates a file?

shivaa 11-24-2012 12:24 PM
You can set SGID on user's home directory i.e. on /home/A, so any new file created or moved/copied inside it (for example from Skype), will get the same group assigned to it as what user's home directory has. Then if user A will share that file, user's group member will also have permissions to modify/edit that file. To do this:
Code:
chmod g+xs /home/A
So make a try and check.

mk1234 01-09-2013 01:42 PM
Thanks but I didnt like to add a sticky bit.
In the end, I decided to switch everyone to use Samba instead NFS. It works there as expected.

chrism01 01-10-2013 02:13 AM
Actually, sgid != sticky bit ('t'); that's a different concept.


All times are GMT -5. The time now is 09:12 AM.