wahur Posted December 27, 2004 Report Share Posted December 27, 2004 (edited) Tried exporting a directory using nfs. (server is mdk9.2 and client mdk10.1) Client can mount the directory OK but... if I open file in that directory it is read-only. If I create a file and try to save it in the directory, i get an error message like "Such file does not exist". Directory is exported rw, it is mounted rw, it is owned by root/fileshare and user belongs to the group fileshare. All relevant user/group id-s match on server and client. Any ideas? Wahur Edited December 28, 2004 by wahur Quote Link to comment Share on other sites More sharing options...
Gowator Posted December 27, 2004 Report Share Posted December 27, 2004 Tried exporting a directory using nfs. (server is mdk9.2 and client mdk10.1)Client can mount the directory OK but... if I open file in that directory it is read-only. If I create a file and try to save it in the directory, i get an error message like "Such file does not exist". Directory is exported rw, it is mounted rw, it is owned by root/fileshare and user belongs to the group fileshare. All relevant user/group id-s match on server and client. Any ideas? Wahur <{POST_SNAPBACK}> The mount inherits permissions from the folder it is mounted to... so if its /mnt/fileshare then the user needs permissions on /mnt/fileshare... however its a puzzle because its usually saying the filesystem is readonly... can you write a root? (I know this isn't a solution long term) also perhaps the NFS versions are causing probs... you can probably update the nfs-server to the latest as in the client too? Quote Link to comment Share on other sites More sharing options...
wahur Posted December 28, 2004 Author Report Share Posted December 28, 2004 The mount inherits permissions from the folder it is mounted to...so if its /mnt/fileshare then the user needs permissions on /mnt/fileshare... /mnt/fileshare is owned by root/fileshare same with original folder exported root can write to the folder (it is exported no_root_squash) also perhaps the NFS versions are causing probs... you can probably update the nfs-server to the latest as in the client too? Eeee... I would probably have to update all of the box for this? 'Cause all of the updates have been applied anyway? Now this would mean my winter vacation completely FUBAR. If I can avoid it, I will. Wahur, would like to get a life :-)) Quote Link to comment Share on other sites More sharing options...
Gowator Posted December 28, 2004 Report Share Posted December 28, 2004 The mount inherits permissions from the folder it is mounted to...so if its /mnt/fileshare then the user needs permissions on /mnt/fileshare... /mnt/fileshare is owned by root/fileshare same with original folder exported root can write to the folder (it is exported no_root_squash) also perhaps the NFS versions are causing probs... you can probably update the nfs-server to the latest as in the client too? Eeee... I would probably have to update all of the box for this? 'Cause all of the updates have been applied anyway? Now this would mean my winter vacation completely FUBAR. If I can avoid it, I will. Wahur, would like to get a life :-)) <{POST_SNAPBACK}> Yep Im at my mums for the vacation period too. However I think you should be able to urpmi *only* the nfs stuff into the 9.x box.... I had real probs with this myself under Mandrake and since not having NFS meant I had no music or video I ended up wiping everything and installing debian .. (took a few hours mainly netinstall but /me at least relaxing :D) Im pretty convinced its something wierd in the msec stuff, in the 10.1, I just didn't have the time or patience at the time! When I did this under deb I used the SAME exports file and it just worked as expected so Im sure its some weird security setting. Somewhere I guess they must be documented ? Expect more of this since MDK announced aiming for a Cat 5 security certification .... However I guess if you find out what is blocking it (pam? msec etc. ) you should be able to get it working.... the question being how much time you have.... Quote Link to comment Share on other sites More sharing options...
wahur Posted December 28, 2004 Author Report Share Posted December 28, 2004 msec sounds like a good idea. Never seen such a nasty, sneaking bastard-software before, mucking with things it should not touch... But how to find out? Quote Link to comment Share on other sites More sharing options...
wahur Posted December 28, 2004 Author Report Share Posted December 28, 2004 Heh, its a little bit like talking to myself, but seems like the prob is solved. Checked msec settings on my laptop. There was no rule about /mnt/fileshare so I made one. It was possible to save files now, but with incorrect ownership, ie user/user, not user/fileshare. So I went to look for msec settings in server. It appeared that there was msec rule for /fileshare, but with SGID flag missing. So I amended that and now everything works like it should. Lets see if this is permanent success or it will disappear as soon as I have to reboot the client. Anyway, thanks, Gowator, your hint about msec was invaluable! Wahur, can now have a life, hopefully, at least for vacation :-)) Quote Link to comment Share on other sites More sharing options...
Gowator Posted December 28, 2004 Report Share Posted December 28, 2004 Heh, its a little bit like talking to myself, but seems like the prob is solved. Checked msec settings on my laptop. There was no rule about /mnt/fileshare so I made one. It was possible to save files now, but with incorrect ownership, ie user/user, not user/fileshare. So I went to look for msec settings in server. It appeared that there was msec rule for /fileshare, but with SGID flag missing. So I amended that and now everything works like it should. Lets see if this is permanent success or it will disappear as soon as I have to reboot the client. Anyway, thanks, Gowator, your hint about msec was invaluable! Wahur, can now have a life, hopefully, at least for vacation :-)) <{POST_SNAPBACK}> I guess everyone is on vacation.... your determination payed off though. Its crap like this that stopped me using Mandrake ..... For me if you can't just follow the nfs documents because Mandrake have already decided how you can share then its not worth using the distro.... I prefer to choose what I use and what I don't not have it forced on me like Mandrake have started doing! I guess Mandrake 10.2 will just be used on a 'test' machine.... since Mandrake now has too many surprises. Quote Link to comment Share on other sites More sharing options...
wahur Posted December 28, 2004 Author Report Share Posted December 28, 2004 Nah, I was too optimistic... Went to check other boxes (Mdk as well). It now works here in my box but not in the others... Guess you are right about Mdk, but it was my first distro quite some time ago (8.0 was it?), I learned to rely on its (administrative) bells&whistles and have had no time for more serious learning (being sysadmin here is just my side-duty). So I feel a bit trapped. Probably should take a serious look at Debian for further server work - Mandrake would still make a good desktop and for newer laptops its bleeding edge policy is unbeatable, too (well there is Gentoo but enough is enough). But for this I would need few months of relatively quiet time in my main biz which just does not happen. Quote Link to comment Share on other sites More sharing options...
Gowator Posted December 28, 2004 Report Share Posted December 28, 2004 Nah, I was too optimistic... Went to check other boxes (Mdk as well). It now works here in my box but not in the others...Guess you are right about Mdk, but it was my first distro quite some time ago (8.0 was it?), I learned to rely on its (administrative) bells&whistles and have had no time for more serious learning (being sysadmin here is just my side-duty). So I feel a bit trapped. Probably should take a serious look at Debian for further server work - Mandrake would still make a good desktop and for newer laptops its bleeding edge policy is unbeatable, too (well there is Gentoo but enough is enough). But for this I would need few months of relatively quiet time in my main biz which just does not happen. <{POST_SNAPBACK}> Yep I started with 7.0 after changing from RedHat which I'd used since RH 5.2 but post 9.0 they just seem to have drifted into forcing you to use their config tools etc. .. first they removed linuxconf ?? now webmin no longer works... (since presumably the extra security is needed ...) in future it appears that you will almost need Mandrklae server for mandrake clients to connect?? The weird thing is if you use the Mandrake share home directory it works over NFS?? but when you add your own it doesn't. Personally I can't be bothered learning all new tools just for Mandrake and it also feels like you're being forced into it too ... I find Deb pretty good but Im sure slackware/gentoo etc. are good too.... I just don't like anything propreirtry since like you I just don't have time, I guess you need to just work out the security on all the clients now... so be sure to post back any sucesses for everyone else.... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.