[pve-devel] NFS permission question

Alexandre DERUMIER aderumier at odiso.com
Mon Nov 12 09:04:00 CET 2012


maybe this is related to mapping in /etc/idmapd.conf  ?

----- Mail original ----- 

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: pve-devel at pve.proxmox.com 
Envoyé: Lundi 12 Novembre 2012 08:55:54 
Objet: [pve-devel] NFS permission question 



I export a directory via NFS using the following options: rw,sync,no_subtree_check,no_root_squash 

On the client, I mount it on /mn/test 

I have the following setting in the /etc/group file at the client: 

shadow:x:42:www-data 

So the following command works without problems: 

# sudo -u www-data cat /etc/shadow 

# ls -l /etc/shadow 
-rw-r----- 1 root shadow 733 Aug 1 19:20 /etc/shadow 

I have a similar file with the same permissions on the NFS share: 

# ls -l /mnt/test/etc/shadow 
-rw-r----- 1 root shadow 852 Nov 12 06:43 /mnt/test/etc/shadow 

# sudo -u www-data cat /mnt/test/etc/shadow 
cat: /mnt/test/etc/shadow: Permission denied 

Andy idea why that does not work? 

Above test was done using a nfs-kernel-server. 

If I use unfs3 server instead, www-data can read the file even if it is not in the shadow group! 

I am a bit clueless – any ideas? 


_______________________________________________ 
pve-devel mailing list 
pve-devel at pve.proxmox.com 
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 



More information about the pve-devel mailing list