LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 06-19-2007, 06:19 AM   #1
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Rep: Reputation: 30
NFS: folder permission inheritance


hi guys,

i've been playing with NFS, and I realised that if I just mount the server folder, that folder permissioning will be of what is specified in the server.

E.g. if the folder is created on the server by UID 500 (user1), when I mount on the client, the permission will belong to UID 500.

But client's UID 500 could be someone else. How can I manipulate that?

Thanks!
 
Old 06-20-2007, 02:56 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
well you have a centralized user base in line with that really, ldap or such where a uid is persistent across an enterprise.

outside of that you can mangle uids at nfs level if you really need to... http://www.faqs.org/docs/linux_netwo...s.exports.html
 
Old 06-25-2007, 03:13 AM   #3
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
hi there, i've looked at the link you send me... and something caught my eye:

Code:
map_identity

    This option tells the server to assume that the client uses the same uids and gids as the server. This option is on by default.
map_daemon

    This option tells the NFS server to assume that client and server do not share the same uid/gid space. rpc.nfsd then builds a list that maps IDs between client and server by querying the client's rpc.ugidd daemon.
map_static

    This option allows you to specify the name of a file that contains a static map of uids and gids. For example, map_static=/etc/nfs/vlight.map would specify the /etc/nfs/vlight.map file as a uid/gid map. The syntax of the map file is described in the exports(5) manual page.
map_nis

    This option causes the NIS server to do the uid and gid mapping.
map_daemon seems to suggest that I can use NFS and not base the permission on UID/GID only?

Also, it seems that map_static means I can create a file to specify the mapping...

are these 2 related... or separately used?

So if I don't have NIS service within my network, the only way out is to manually ensure all uid/gid are consistent throughout the network? Unless the above works?

thanks for your tip!
 
Old 06-25-2007, 03:21 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
i've never done uid mapping there, but i guess the first way, the server asks to the client "what uid does user bob have on your system?" and then converts the files with local uid for bob to be the rmeote one over that specific connection...

again these are going to ways to get around exisiting problems. if the problem is eradicated, you'll not have any work to do in the first place.
 
Old 06-25-2007, 05:23 AM   #5
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
Haha that's true.

I think its either a NIS solution, or I need to track all UIDs manually.

One question: Are there anyways to automate mounting of NFS drives, or do I need to enter manually the IP into the server and client?
 
Old 06-25-2007, 05:29 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
automating? autonfs can possibly cover this, but i'm not really sure what you mean.

NIS is generally being replaced by LDAP in new installations. centralized ldap user authentication would solve a huge amount of problems you don't even know exists yet...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How exactly does Linux file permission inheritance work HGeneAnthony Linux - Newbie 5 04-14-2006 11:20 AM
Permission - Folder vs. File XaViaR Linux - General 23 01-28-2006 08:54 PM
is it possible to set a fixed permission inheritance for child objects? Berkut83 Red Hat 2 01-20-2006 11:15 AM
File permission inheritance HowTo ? Satriani Linux - Security 4 11-26-2004 06:13 AM
Folder permission javamdk Slackware 9 07-07-2004 12:26 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 11:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration