[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NFS permissions question



Christian Convey wrote:
My understanding of NFS permissions is that for any file appearing on an NFS share, the username/uid and groupname/gid mappings should (ideally) be identical on both the NFS client and the NFS server.

So consider my home situation: I'm running two computers, each with local security files.

I have four users: "alvin", "benny", "charles", and "david".
I have several groups: "users" and "chefs" and "busboys".

I want to define an NFS share that "alvin" and "benny" can use. My *expectation* at the time I'm setting this up is that any files appearing on those shares will have a group-owner of "chefs".

So I go through, and ensure that "alvin" and "benny" each have the same uid on both computers. I go through and ensure that "chefs" has the same gid on both computers.

Is there a good way for me to ensure that alvin doesn't create, on the shares, a file owned by the busboys group?

I probably completely misunderstand what you want, but wouldn't making
the shares owned by group "chefs", and setting the setgid bit on the director fix it? (that would probably have to be don on the NFS server)


$ mkdir audio
$ chown joostje:audio audio
$ chmod g+s audio
$ chmod g+w audio
$ cd audio/
$ touch file

$ su otheruser
[...]
$ touch otherfile

$ ls -al
total 8
drwxr-sr-x  2 joostje   audio   4096 2004-11-18 22:58 .
drwxr-xr-x  7 joostje   joostje 4096 2004-11-18 22:58 ..
-rw-r--r--  1 joostje   audio      0 2004-11-18 22:58 file
-rw-r--r--  1 otheruser audio      0 2004-11-18 22:59 otherfile

i.e. both users "joostje" and "otheruser" can write to the dir audio, and all files are owned by group "audio".

--
Groetjes
joostje
47d3fcfe28f2a83497e79d9bc7d5087c-4a1ee1fddab4648175518cb4c1c9edb3ed0e89f0



Reply to: