Re: Strange NFS behaviour

To: debian-user@lists.debian.org
Subject: Re: Strange NFS behaviour
From: Alex Samad <alex@samad.com.au>
Date: Fri, 27 Jun 2008 07:48:57 +1000
Message-id: <[🔎] 20080626214857.GC26525@samad.com.au>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20080626131034.GB14583@samad.com.au>
References: <[🔎] 20080626131034.GB14583@samad.com.au>

On Thu, Jun 26, 2008 at 11:10:34PM +1000, Alex Samad wrote:
> I have just finished putting together a nfs server. and I am getting
> some strange results whilst testing it.
> 
> I have a partition with a directory video with permissions set to 
> 
> chown video.movies
> user alesx is a member of movies.
> 
> on the nas box I can cd to the directory and create files.
> 
> on a remote machine with this directory is mounted via nfs, when I
> enter into the directory and try and create a file I get permission
> denied.
> 
> on the client machine the userids and the groups are setup the same !
> 
> alex

Just to add some more information to this (i typed this up late last
night)

I have 3 servers and 1 laptop. I am using ldap for my userid / password
info. I am using libnss-ldapd (fork of libnss-ldap)

I have a user alex who is a member of group movies

on the nas server

I have a directory
/exports/video/tmp
drwxrwsr-x  2 video movies   20 2008-06-27 07:23 tmp

if I go to this directory and try touch HEREIAM, a file is created

now when I go to machine multimedia, which has nas:/exports/video mount
as /exports/video and I try the same thing it works

when I go to my laptop, which has the same mounts and try the same thing
I get permission denied.  And the same error when i try it from the
other server hufpuf.

I did a tcp dump on the nas box watch everything except for port 22 and
ran the same tests on all the machine a NFS ok reply is sent back after
the create request !

I ran another test on the machines that gave me access denied, I went to
a local partition and created a directory with the same permissions as
/exports/video/tmp and tried to create a file in the same manor - it
worked on all the servers

I have also looked at the mount command options (fstab) and they are the
same. I have tried reboot the machines

I don't have selinux turned on

I have looked at package versions of

libc
libnss-ldapd
mount
linux-image


I have tried stracing this command "touch d", but all I can see is a
open request and a fail or ok on the respective servers.

I am at a bit of a loss where to look now :(

help !

alex


> 
> 
> 
> -- 
> "There's no such thing as legacies. At least, there is a legacy, but I'll never see it."
> 
> 	- George W. Bush
> 01/31/2001
> speaking to Catholic leaders at the White House



-- 
"The trial lawyers are very politically powerful. ... But here in Texas we took them on and got some good medical -- medical malpractice."

	- George W. Bush
08/13/2002
Waco, TX

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Strange NFS behaviour
  - From: Alex Samad <alex@samad.com.au>

Prev by Date: Fwd: [security] Incorrect file permissions due to (now fixed) perl 5.10 issue
Next by Date: Re: Strange NFS behaviour
Previous by thread: Strange NFS behaviour
Next by thread: Re: Strange NFS behaviour
Index(es):
- Date
- Thread