Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am currently trying to set up an image repository server to house all the image files used by a website, and i will share it over via NFS.
But if I don't mount the folder within the webroot, the webpages won't be able to access the images right?
is there any way around it? because I want to avoid mounting the folder in the webroot directory as it means I will have to do it everytime I create a new site/user...
i would like to mount it at /imgrepo so that everyone can just access from there.
I'm not familiar with the restrictions on the web server, but I am familiar with how nfs works. So here's a solution I figure would work:
1. Mount the image repository within the webroot (something like /var/www/imgrepo/).
2. Create a symbolic link in / with a command like "ln -s /var/www/imgrepo/ /imgrepo"
3. In /etc/exports, export /imgrepo
This is assuming the nfs file server is the same computer as the web server.
This solution depends on the precise way in which nfs exports work when the "directory" being exported is actually a symbolic link. As you may know, an nfs export can only extend as far as one filesystem. So normally, a symbolic link within an nfs export will fail, if it "points" outside the filesystem. However, when the directory being exported is a symbolic link, the filesystem being exported is whichever one the link is pointing to--even if the symlink itself exists in a different one.
I take advantage of this behavior in the way I handle my file server exports.
Are these different webservers on different hosts or on the same host?
If it is the latter, then mounting it inside the jail on /var/www/imgrepo/ isn't any more difficult then mounting it someplace else.
If the source is on another host than the webserver (probably true since you are using NFS) and you have several users running webservers in their own webroot, I think you could simply have a system boot script bind the /var/user/www/imgrepo/ share. As in "mount --bind /imgrepo /home/user/var/www/imgrepo". Note that this is before the chroot, so I guessed what the full pathname would be outside the chrooted jail.
I'm not certain how NFS would like this. I'm not running NFS so I couldn't try it out. Whether you can create a link or rebind the directory or import it for each user, you are still provided essentially the same information. NFS isn't stateful so I don't know if exporting to each directory would cause that much more work than sharing the same imported share via links.
It works just fine. My photo album and music is in /usr/local/www, it is also exported via NFS and mounted in my desktop under ~/www. You can of course mount it in /mnt/www for instance and link to users home directories for convenience.
but i realise one issue: NFS ports the permissions from the server base on UID of the user.
Meaning to say, if the folder to be shared out on the NFS server is for user alex with UID 500. But on the client machine, UID 500 belongs to Bob. This means Bob can access the folder despite it being belonging to "alex".
How can I avoid such a problem? Strictly ensure that my user creation is in order (based on UID)??
It will work, but its unrealistic in the long term...
If you're going to use nfs, then you really want the UID's and GID's to be coordinated among all of your systems.
As far as nfs is concerned, "alex" on one system is exactly the same user as "Bob" on another system, so long as their UID's are the same. On the computer with "Bob", a directory listing will show the files as owned by "Bob". On the computer with "alex", a directory listing will show the files as owned by "alex".
but my network does not have NIS kind of service. so falling short of setting up a NIS, I should just manually ensure all my users' UID are consistent throughout?
and as a side-question: for a collection of about 20+ web servers (web servers only), is it better to start employing NIS kind of services?
Yes, you should just manually ensure all users UIDs are consistent throughout. That's what I do on my home network, where there are few computers and even fewer users.
For a collection of 20+ web servers, it may depend on how you need to use them. But off the top of my head, I can't think of an example where it's not worth the effort.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.