| View previous topic :: View next topic |
| Author |
Message |
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
 Posted: Thu Mar 03, 2005 9:17 pm Post subject: |
 |
|
yes i did.... no changes...
| Quote: | | if you are really sure that you can access your NFS share from shell, GUI isn't running under the same euid/egid. |
yes im sure 
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
 |
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 9:19 pm Post subject: |
|
|
ok, then sorry - I cannot help you
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Fri Mar 04, 2005 2:00 pm Post subject: |
|
|
Maybe a hint - all_squash only tells the NFS server to consider all file operations as those with specified uid/gid, but the client's kernel will still try to check the permissions, so you'll have to tell the client to allow access also for your uid/gid.
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Sat Mar 05, 2005 2:48 am Post subject: |
|
|
errr.... maybe you could explain better how do i do that... pliz =)
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Sat Mar 05, 2005 10:13 pm Post subject: |
|
|
| mkc wrote: | | errr.... maybe you could explain better how do i do that... pliz =) |
I'd suggest using "uid=your-uid,gid=uid" or some stuff with umask/fmask/dmask mount options, but I don't know if nfs fs type supports/accepts/uses them and I'm too lazy to RTFM.
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Mon Mar 07, 2005 7:28 pm Post subject: |
|
|
Tanx for your help jkt... now the problems only are with OpenOffice... i can work with other programs normally... only open office forces me to use my own uid... its this windows-dont-let-you-decide type of beahiviour that developers should avoid...
I'll post a bug or something.. or try to get help directly from them...
tanx anyway 
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Mon Mar 07, 2005 7:35 pm Post subject: |
|
|
| mkc wrote: | | Tanx for your help jkt... now the problems only are with OpenOffice... i can work with other programs normally... only open office forces me to use my own uid... its this windows-dont-let-you-decide type of beahiviour that developers should avoid... |
and how is your setup like? I cannot beleive that oo could work differently than any other application. Anyway, how did you solved your problem?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Mon Mar 07, 2005 7:39 pm Post subject: |
|
|
i did not solved it...
Everything is working normally except with OpenOffice... If i create a document inside the exported nfs share... if i open it again, it opens read-only.
Somehow OO forces the current user id, and doesn't use the apache user, wich is the default, because of the all_squash thing.
I really must use this on this share... my boss just wants things this way, because of a internal aplication...
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Mon Mar 07, 2005 7:45 pm Post subject: |
|
|
| mkc wrote: | i did not solved it...
Everything is working normally except with OpenOffice... If i create a document inside the exported nfs share... if i open it again, it opens read-only.
Somehow OO forces the current user id, and doesn't use the apache user, wich is the default, because of the all_squash thing.
I really must use this on this share... my boss just wants things this way, because of a internal aplication... |
OK, once again, it is impossible to happen as you describe .
If you can access your files for both reading & writing from shell with the same euid/egid as some GUI application, this GUI app will be able to acces them, too. There is nothing which could prevent this behaviour. How could OO.o (which is not suid/sgid) change it's permissions?? Are you sure you haven't found a bug in OO.o which is causing read-only access to broken document, for example?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Mon Mar 07, 2005 7:54 pm Post subject: |
|
|
Maybe i did... that is why im going to post this to them....
But i don't believe i have a broken document, because it happens all the time... newly created files and old ones to!! anyway.. not sure off what is really going on...
But if i solve it... i'll post it here... for sure...!!
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Mon Mar 07, 2005 8:00 pm Post subject: |
|
|
ok, so you have some directory, say, /mnt/files, which is NFS_mounted from your NFS server. How does `ls -al /mnt/files` look like? I'm especially interrested in owner of ".", ".." directories and also in the files in this directory. And of course permissions of those, too. Are you 100% sure that both the shell and OO.o are running as the same uid/gid? Use `ps aux` to determine them.
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Wed Mar 09, 2005 11:10 am Post subject: |
|
|
sorry i took so long.. but i got sick in the meanwhile....
ps aux shows me that its the same user...
you want me to do a "ls -all /mnt/files" on the server or on the client? The strange thing is evrything is working normal, except for OO.o....
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Wed Mar 09, 2005 3:46 pm Post subject: |
|
|
| mkc wrote: | | you want me to do a "ls -all /mnt/files" on the server or on the client? |
on both of them, ideally.
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Thu Mar 10, 2005 4:30 pm Post subject: |
|
|
SERVER:
| Code: | faro root # ls -al /home/share/
total 30
drwxr-xr-x 11 root root 264 Nov 8 15:41 .
drwxr-xr-x 14 root root 376 Oct 23 13:23 ..
drwxr-xr-x 3 erhard users 104 Nov 26 10:35 cvs
drwxrwx--- 2 erhard users 24368 Dec 24 2003 fonts
drwxr-xr-x 6 erhard users 144 Feb 28 19:44 httpd
drwxrwxrwx 6 erhard users 360 Feb 23 01:12 image
drwxrwx--- 15 erhard users 536 Mar 10 15:18 company
drwxr-xr-x 19 mysql mysql 552 Mar 7 14:37 mysql
drwxr-xr-x 5 erhard users 128 Dec 22 2003 software
drwxrwxrwx 132 erhard users 4248 Mar 1 16:53 sound
drwxrwx--- 4 erhard users 1128 Jan 31 2003 template
|
CLIENT:
| Code: | ladybug mkc # ls -al /home/share/
total 34
drwxr-xr-x 11 root root 264 Nov 8 15:41 .
drwxr-xr-x 6 root root 4096 Mar 8 00:45 ..
drwxr-xr-x 3 500 users 104 Nov 26 10:35 cvs
drwxrwx--- 2 500 users 24368 Dec 24 2003 fonts
drwxr-xr-x 6 500 users 144 Feb 28 19:44 httpd
drwxrwxrwx 6 500 users 360 Feb 23 01:12 image
drwxrwx--- 15 500 users 536 Mar 10 15:18 company
drwxr-xr-x 19 mysql mysql 552 Mar 7 14:37 mysql
drwxr-xr-x 5 500 users 128 Dec 22 2003 software
drwxrwxrwx 132 500 users 4248 Mar 1 16:53 sound
drwxrwx--- 4 500 users 1128 Jan 31 2003 template
|
Does it help?
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 10, 2005 9:19 pm Post subject: |
|
|
Yep. As you can see, client sees the files as owned by uid 500 (which is not mapped to any username on client, additionaly) and group "users". AFAIK the all_squash option won't force NFS server to send this "faked" uid/gid to the clients, instead, it will only map write requersts. So, you can either persuade the NFS client to provide its own kernel (on client machine) with faked uid/gid even for existing files, or change permissions on the NFS server to allow writing to all users (or maybe some group). The first can be achieved by uid=xyz,gid=abc mount option, but I think the NFS client implementation doesn't allow them.
But maybe I'm mistaken about the NFS uid/gid advertising, and your configuration is not correct, like the all_squash option is missing or something like that... Or maybe the NFSv2 version doesn't support squashing...
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
|
Networking & Security
