Prev: Why is Hulu better with Windows?
Next: desktop picture resetting itself
From: Philipp Kraus on 8 May 2010 17:11
Hello,

I'm running 2 Gentoo systems with kernel 2.6.33.3 and .2. The server
(.3) exports some directories
via NFS. I have setup some dirs with ACLs, in which a group gets full
access. On the NFS client (.2)
I can mount the NFS exports, but I can't see any ACLs. In both kernels
the NFS and ACL support
is compiled like a modul.

On the client getfacl shows:
# owner: root
# group: media
user::rwx
group::rwx
other::---

on the server:
# owner: root
# group: media
user::rwx
group::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
default:other::---

the export is set to:
/mnt/storage/nas192.168.94.0/24(async,acl,no_subtree_check,no_root_squash,rw,anonuid=65534,anongid=65533)

If

I create a file or dir on the NFS client, the ACLs would be set
correctly on the server, but the client don't see any ACL

Does anyone know how to solve the problem?

Thanks

Phil

From: Chris Davies on 8 May 2010 18:26
Philipp Kraus <philipp.kraus(a)flashpixx.de> wrote:
> I'm running 2 Gentoo systems with kernel 2.6.33.3 and .2. The server
> (.3) exports some directories via NFS. I have setup some dirs with ACLs,
> in which a group gets full access [...]

Have you got --manage-gids set on the server's rpc.mountd? Read about
it in the manpage.

Chris
From: Philipp Kraus on 9 May 2010 10:12
On 2010-05-09 00:26:25 +0200, Chris Davies <chris-usenet(a)roaima.co.uk> said:

> Philipp Kraus <philipp.kraus(a)flashpixx.de> wrote:
>> I'm running 2 Gentoo systems with kernel 2.6.33.3 and .2. The server
>> (.3) exports some directories via NFS. I have setup some dirs with ACLs,
>> in which a group gets full access [...]
>
> Have you got --manage-gids set on the server's rpc.mountd? Read about
> it in the manpage.

Yes, I had setup the -g flag into /etc/conf.d/nfs under OPTS_RPC_MOUNTD
but I can't see
all user and group ride on the NFS client. The NFS client gets uids and
gid via LDAP, so
every user can work on the client, but the ACLs are not there

Thanks

From: Chris Davies on 9 May 2010 16:08
> Have you got --manage-gids set on the server's rpc.mountd? Read about
> it in the manpage.

Philipp Kraus <philipp.kraus(a)flashpixx.de> wrote:
> Yes, I had setup the -g flag into /etc/conf.d/nfs under OPTS_RPC_MOUNTD
> but I can't see all user and group ride on the NFS client. The NFS
> client gets uids and gid via LDAP, so every user can work on the client,
> but the ACLs are not there

The point of the --manage-gids (-g) flag is that the client group ids
are *ignored* and replaced by the corresponding group ids on the
server.

Chris
From: Philipp Kraus on 9 May 2010 17:24
On 2010-05-09 22:08:34 +0200, Chris Davies <chris-usenet(a)roaima.co.uk> said:

>> Have you got --manage-gids set on the server's rpc.mountd? Read about
>> it in the manpage.
>
> Philipp Kraus <philipp.kraus(a)flashpixx.de> wrote:
>> Yes, I had setup the -g flag into /etc/conf.d/nfs under OPTS_RPC_MOUNTD
>> but I can't see all user and group ride on the NFS client. The NFS
>> client gets uids and gid via LDAP, so every user can work on the client,
>> but the ACLs are not there
>
> The point of the --manage-gids (-g) flag is that the client group ids
> are *ignored* and replaced by the corresponding group ids on the
> server.

Okay, but my LDAP "syncs" the IDs, so I don't need the -g flag, do I?
I think the client doesn't get the ACL, but how can I show a log?
Which options must be selected to use ACLs over NFS. In the kernel
all ACL options are selected. I had found some articles about XFS
and ACL, in which this combination went wrong, but all articles are
for kernels previous 2.6.27. I can switch the filesystem to another
system like ext, but it's a lot of work, so I wouldn't do this at this time.

Do you have any idea?

Thanks

Phil

 |  Next  |  Last
Pages: 1 2
Prev: Why is Hulu better with Windows?
Next: desktop picture resetting itself