Interesting question on nfs permissions
I have come across an interesting ( :confused: ) and difficult problem with
an nfs mount; maybe someone has an idea.
THe basic situation is that I have one linux box (running MDK 8.2, but that's
probably not relevant) that I have just set up as a file server, and a second
linux box (running Debian Woody, but again prob. not relevant) that I will
use as my workstation.
The server exports its /home partition via both samba and nfs, so that my
home directories are accessible across the network. To access one's files
from the workstation, I use symlinks from /home. Thus, on the debian
workstation, /home/nl is a symlink to /nfs/nl, and obviously the nfs share
from the server is mounted onto /nfs.
Here's the problem: I used mkisofs to make an iso file with some things I
wanted to burn to a cd, and then issued the appropriate cdrecord command,
which failed due to a permission error on the iso file to burn.
The reason is, obviously, that cdrecord is setuid root, and so the attempt to
open the iso file on the nfs share appeared to come from root, and with
root_squash on the nfs export, it couldn't get at the file.
My thoughts as solutions are:
1. disable root_squash for any workstation that has a cdburner and thus might
be subject to this problem (not a great idea, although since it's my home LAN
and only I have root passwords, I could do this).
2. make cdrecord NOT setuid root. Since I have the cd burner owned by root,
group cdrom, and my user account has the cdrom group, I should be able to
write to it, but I don't know if cdrecord needs setuid root for other
purposes.
3. Keep a local tmp folder, and whenever I make an iso file, just do so to
that tmp directory, and burn the cd from there - or even just get in the
habit of piping the output of mkisofs onto cdrecord directly.
Any thoughts or suggestions?
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: