Hi,
I have a problem with NFS regarding file permissions when copying file that has no read / write permissions for group.
First, this is how I set NFS:
- created accounts for users on the server
- each user has in server's /etc/exports line with exported folder and his machine ip as well as following parameters: anonuid and anongid to match his uid/gid, rw and all_squash.
- all users are in one common group, lets call it "fornfs"
- each user has in his .profile on their machines umask set to 002
Example of /etc/exports line:
/mnt/share 192.168.1.10(rw,no_subtree_check,all_squash,anonuid=1001,anongid=1004)
Server is Debian Squeeze, clients are Kubuntu 12.04.1. Exported folder is SEC_TYPE="ext2" TYPE="ext3" (ACL doesn't work with < ext4?).
Now, if user A makes a file, it gets correct permissions (by correct I mean also rw for group) thanks to umask. He puts that file on NFS and other users from "fornfs" group can open it and edit too.
BUT, if user A gets some file via Skype for example, and that file lands on user's machine with permission 600, and user A then puts that file on NFS, other users cant use that file at all because of the permission.
What I am looking for is, if there is some kind of umask or similar that will force default permission on file being copied to NFS. Which means, user puts that file on NFS, NFS sees that file permission has no read and write for group, and corrects it. Like umask sets for new created file.
I should mention also that you should assume that users are people that do not know / care to change permission, they just expect to put file on NFS and that should work automatically. So advicing users to chmod files before putting on mounted NFS is no go (nor I d like that system depends on users behavior).
Some might suggest cron, with which I am fine with as the last solution when nothing else works. But I d prefer a more elegant solution / suggestion, like umask was a good and elegant "fix" for just created files / folders.
If you need any more details, please ask.
Thank you in advance.
