[pve-devel] NFS permission question
Alexandre DERUMIER
aderumier at odiso.com
Mon Nov 12 09:04:00 CET 2012
maybe this is related to mapping in /etc/idmapd.conf ?
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: pve-devel at pve.proxmox.com
Envoyé: Lundi 12 Novembre 2012 08:55:54
Objet: [pve-devel] NFS permission question
I export a directory via NFS using the following options: rw,sync,no_subtree_check,no_root_squash
On the client, I mount it on /mn/test
I have the following setting in the /etc/group file at the client:
shadow:x:42:www-data
So the following command works without problems:
# sudo -u www-data cat /etc/shadow
# ls -l /etc/shadow
-rw-r----- 1 root shadow 733 Aug 1 19:20 /etc/shadow
I have a similar file with the same permissions on the NFS share:
# ls -l /mnt/test/etc/shadow
-rw-r----- 1 root shadow 852 Nov 12 06:43 /mnt/test/etc/shadow
# sudo -u www-data cat /mnt/test/etc/shadow
cat: /mnt/test/etc/shadow: Permission denied
Andy idea why that does not work?
Above test was done using a nfs-kernel-server.
If I use unfs3 server instead, www-data can read the file even if it is not in the shadow group!
I am a bit clueless – any ideas?
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list