| View previous topic :: View next topic |
| Author |
Message |
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
 Posted: Wed Mar 02, 2005 6:24 pm Post subject: NFS and permissions |
 |
|
Hi all gentoo users =)
I have a NFS scheme, in wich i export /home/share, and do a all_squash, so that every file is saved with id=apache. The problems is, i can work on files in command, being a different user (because im on users group) but not with graphical tools, like jedit or openoffice.
Here is my /etc/exports:
/home/share 192.168.99.0/24(rw,sync,all_squash,anonuid=81,anongid=100)
I wish i could use openoffice (or other programs) and saving normally... and have the file read/write... How could this be done?
Tank you for your help =)
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
 |
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Wed Mar 02, 2005 7:56 pm Post subject: |
|
|
please explain some things - on which station are you working in shell? on nfs server or on client? and than the same for gui.
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Wed Mar 02, 2005 8:02 pm Post subject: |
|
|
Im running both shell and gui on clients. Shell works fine.... the problem is in gui...
Different clients, with different usernames acess the server nfs share....[/i][/b]
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Wed Mar 02, 2005 8:11 pm Post subject: |
|
|
are you able to access your files from shell launched from GUI (by something like `xterm`)?
what error is displayed in GUI apps?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Wed Mar 02, 2005 8:18 pm Post subject: |
|
|
The problem is like this....
If i do a:
| Code: | | nano -w /home/share/test1.txt |
]
i can edit that file normally. if i, after saving, return in xterm and nano that file again.. i can save it...
but if i try do edit that file on jedit for example, it opens read-only.. got the picture? i think this is a weird beahaviour...[/quote][/code]
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Wed Mar 02, 2005 8:38 pm Post subject: |
|
|
And is the file being saved from the `nano` session? Are you running both GUI and shell as exactly the same user?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Wed Mar 02, 2005 10:23 pm Post subject: |
|
|
Yes i am....
For example.. i acess the nfs share in my laptop with user mkc. The files in the share get the user apache (check my export)
The thing is, when i'm in shell, it looks like he "knows" that it should use, user apache, but in gui... it uses the mkc user.
Im sure im using same user (gui and shell) in the client... 
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Wed Mar 02, 2005 10:24 pm Post subject: |
|
|
could you post output of `cat /proc/mounts` from the GUI and from shell?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Wed Mar 02, 2005 11:44 pm Post subject: |
|
|
Errr.. this is a stupid question.. but how do i do that in the gui???
Im actually using gnome terminal for "shell" =)
here the output of /proc/mounts:
| Code: | rootfs / rootfs rw 0 0
/dev/root / ext3 rw,noatime 0 0
none /dev devfs rw 0 0
proc /proc proc rw,nodiratime 0 0
sysfs /sys sysfs rw 0 0
devpts /dev/pts devpts rw 0 0
none /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
none /proc/bus/usb usbfs rw 0 0
13.69.0.1:/mnt/fileserver/ /mnt/fileserver nfs rw,v2,rsize=8192,wsize=8192,hard,udp,lock,addr=13.69.0.1 0 0
|
Im not in the exact network im trying to solve the problem, but i have a replica here... so if i solve the problem here... i could solve it there =)
tanx 4 your help by the way 
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 11:55 am Post subject: |
|
|
| mkc wrote: | Errr.. this is a stupid question.. but how do i do that in the gui???
Im actually using gnome terminal for "shell" =) |
ok . what happens if you try to `touch /mnt/fileserver/blablabla` (non-existing file)? is it created? could you post output of `ls -al /mnt/fileserver`? (I'm not intrrested in filenames, but in their permissions and permission of "." and ".." directories)
| Quote: | | Im not in the exact network im trying to solve the problem, but i have a replica here... so if i solve the problem here... i could solve it there =) |
do you have any reson to use NFSv2 and not v3?
| Quote: | | tanx 4 your help by the way |
my pleasure
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Thu Mar 03, 2005 4:08 pm Post subject: |
|
|
Ok.. now im back in the "real" network i have to fix the problem....
| Quote: | | ok what happens if you try to `touch /mnt/fileserver/blablabla |
well.. i can create the file... not in the /home/share (not any more on /mnt/fileserver) but inside a folder inside that share.
| Quote: | | could you post output of `ls -al /mnt/fileserver |
sure:
| Code: |
# ls -al /home/share/
drwxr-xr-x 11 root root 264 Nov 8 15:41 .
drwxr-xr-x 4 root root 4096 Feb 4 17:37 ..
|
About using NFSv2... how do i check what version am i using? kernel??
By the way.. i insist on this.. i can edit the file i created inside shell.. but not on gui editor......
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 4:39 pm Post subject: |
|
|
| mkc wrote: | Ok.. now im back in the "real" network i have to fix the problem....
| Quote: | | ok what happens if you try to `touch /mnt/fileserver/blablabla |
well.. i can create the file... not in the /home/share (not any more on /mnt/fileserver) but inside a folder inside that share. |
it's a directory, not a folder
| Quote: |
| Quote: | | could you post output of `ls -al /mnt/fileserver |
sure:
| Code: |
# ls -al /home/share/
drwxr-xr-x 11 root root 264 Nov 8 15:41 .
drwxr-xr-x 4 root root 4096 Feb 4 17:37 ..
|
|
you're running the `ls` as root, but it's unlikely that your GUI runs under it as well. chnage permissions of the files... you've done something wrong. how does your /etc/exports look like?
| Quote: | | About using NFSv2... how do i check what version am i using? kernel?? |
if your NFS server supports multiple protocols, client can specify which one to use. `man nfs` for details, look at "nfsver" parameter.
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Thu Mar 03, 2005 4:50 pm Post subject: |
|
|
my export is on the first post... but here it is again:
| Code: | /home/share 192.168.99.0/24(rw,sync,all_squash,anonuid=81,anongid=100)
|
I can do the ls -al with normal user... im editing files inside shell with normal user.. not has root... sorry about that post...
Any more ideas?
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 4:55 pm Post subject: |
|
|
ok, what does `id` in shell say? do you have something else in the /etc/exports?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Thu Mar 03, 2005 5:00 pm Post subject: |
|
|
id outputs this:
| Code: | uid=1000(mkc) gid=100(users) groups=10(wheel),81(apache),85(usb),100(users)
|
I have ohter stuff on exports.... but they work well since its "directorys" for different company users.... Im not going to post that because i can... not allowed, sorry
Im only having problems on that export because its the one who sets to the default user "apache"... default group "users"....
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 5:28 pm Post subject: |
|
|
ok, doesn't matter. Are there any records matching IP address of the problematic client? Anything "more concrete" than /24 netmask?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Thu Mar 03, 2005 6:03 pm Post subject: |
|
|
no.. dont think so... that one line defines what clients can acess the nfs share... there is no specific IP entry to a specific client....
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 6:55 pm Post subject: |
|
|
| mkc wrote: | | no.. dont think so... that one line defines what clients can acess the nfs share... there is no specific IP entry to a specific client.... |
yep, but I aks if there is anything other in /etc/exports which is taking effect. Or maybe isn't your NFS server using current configuration...?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 7:40 pm Post subject: |
|
|
So I've tried to reproduce your setup, or rather to create what you want.
/etc/exports:
| Code: |
zirafa ~ # cat /etc/exports
# /etc/exports: NFS file systems being exported. See exports(5).
/mnt/mnt slon.basa.dejvice.czf(rw,secure,all_squash,sync,anonuid=0,anongid=0)
|
at slon (`l` is an alias to `ls -alh`):
| Code: |
jkt@slon ~/temp $ cat /proc/mounts | grep zirafa
zirafa.basa.dejvice.czf:/mnt/mnt /mnt/zirafa/mnt/mnt nfs rw,nosuid,nodev,noexec,v3,rsize=8192,wsize=8192,hard,udp,lock,addr=zirafa.basa.dejvice.czf 0 0
jkt@slon ~/temp $ touch /mnt/zirafa/mnt/mnt/ripped/ahoj
jkt@slon ~/temp $ l /mnt/zirafa/mnt/mnt/ripped
total 64K
drwxrwxrwx 2 root root 32K Mar 3 2005 .
drwxrwxrwx 5 root root 32K Mar 3 20:34 ..
-rw-r--r-- 1 root root 0 Mar 3 2005 ahoj
jkt@slon ~/temp $ id
uid=1000(jkt) gid=100(users) groups=5(tty),10(wheel),18(audio),35(games),85(usb),100(users)
jkt@slon ~/temp $ grep zirafa /etc/fstab
zirafa.basa.dejvice.czf:/mnt/mnt /mnt/zirafa/mnt/mnt nfs noauto,rsize=8192,wsize=8192,noexec,nosuid,nodev 0 0
|
EDIT: but this could be irrelevant, as /mnt/mnt is VFAT which lacks support for permissions...
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Thu Mar 03, 2005 8:21 pm Post subject: |
|
|
well... can't answer your question, because i don't understand the question... but here is a modified /etc/exports... the all one.. =)
| Code: |
cat /etc/exports
# /etc/exports: NFS file systems being exported. See exports(5).
/home/share 192.168.1.0/24(rw,sync,all_squash,anonuid=81,anongid=100)
/home/xxxxxxx 192.168.1.0/24(rw,sync,all_squash,anonuid=1001,anongid=100)
/home/xxxxxx 192.168.1.0/24(rw,sync,all_squash,anonuid=500,anongid=100)
/home/xxxx 192.168.1.0/24(rw,sync,all_squash,anonuid=1002,anongid=100)
/home/xxx 192.168.1.0/24(rw,sync,all_squash,anonuid=1003,anongid=100)
/home/xxxxx 192.168.1.0/24(rw,sync,all_squash,anonuid=1004,anongid=100)
/home/xxxxx 192.168.1.0/24(rw,sync,all_squash,anonuid=500,anongid=100)
/home/xxxx 192.168.1.0/24(rw,sync,all_squash,anonuid=1005,anongid=100)
/home/xxxx 192.168.1.0/24(rw,sync,all_squash,anonuid=1006,anongid=100)
/home/archiv/share/image 192.168.1.0/24(rw,sync,all_squash,anonuid=500,anongid=100) |
The NFS server is using current configuration.... im sure! =)
sorry for the time between replys... to many things on the same time...
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Thu Mar 03, 2005 8:26 pm Post subject: |
|
|
the only difference is that you are sayng to use "root" as id and gid... for the default user...
Are you able to change files in a gui program? like in openoffice?
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 8:29 pm Post subject: |
|
|
my question - client could be matched by multiple "rules" (rows in /etc/exports), and the "most unique" line will take effect (so if you specify 192.168.1.1, it will take precedence over 192.168.1.0/24), at least IIRC . But you don't have anything like that in your configuration .
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 8:31 pm Post subject: |
|
|
| mkc wrote: | the only difference is that you are sayng to use "root" as id and gid... for the default user...
Are you able to change files in a gui program? like in openoffice? |
I'm using the all_squash only as an attempt to reproduce your problem. And i do know that there shouldn't be any difference at all in accessing files from GUI or commandline.
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
mkc
n00b
Joined: 17 Mar 2003
Posts: 33
Location: Faro - Portugal
|
| Posted: Thu Mar 03, 2005 9:03 pm Post subject: |
|
|
so... any idea of what is going wrong??
_________________
mykr0chip @ dbugs.org / Eliminar Spam |
|
| Back to top |
|
|
jkt
Retired Dev
Joined: 06 Feb 2004
Posts: 1250
Location: Prague, Czech republic, EU
|
| Posted: Thu Mar 03, 2005 9:06 pm Post subject: |
|
|
| mkc wrote: | | so... any idea of what is going wrong?? |
if you are really sure that you can access your NFS share from shell, GUI isn't running under the same euid/egid.
stupid hint: have you tried restarting the NFS daemon on server and X session on client?
_________________
cd /local/pub && more beer > /dev/mouth
Česká dokumentace |
|
| Back to top |
|
|
|
Networking & Security
