[pve-devel] NFS permission question
Dietmar Maurer
dietmar at proxmox.com
Mon Nov 12 08:55:54 CET 2012
I export a directory via NFS using the following options: rw,sync,no_subtree_check,no_root_squash
On the client, I mount it on /mn/test
I have the following setting in the /etc/group file at the client:
shadow:x:42:www-data
So the following command works without problems:
# sudo -u www-data cat /etc/shadow
# ls -l /etc/shadow
-rw-r----- 1 root shadow 733 Aug 1 19:20 /etc/shadow
I have a similar file with the same permissions on the NFS share:
# ls -l /mnt/test/etc/shadow
-rw-r----- 1 root shadow 852 Nov 12 06:43 /mnt/test/etc/shadow
# sudo -u www-data cat /mnt/test/etc/shadow
cat: /mnt/test/etc/shadow: Permission denied
Andy idea why that does not work?
Above test was done using a nfs-kernel-server.
If I use unfs3 server instead, www-data can read the file even if it is not in the shadow group!
I am a bit clueless - any ideas?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-devel/attachments/20121112/a5cbcda8/attachment.htm>
More information about the pve-devel
mailing list