On 07/26/15 07:38, Emmett Culley wrote:
> On 07/25/2015 02:01 PM, Ed Greshko wrote:
>> On 07/26/15 03:41, Emmett Culley wrote:
>>> I just noticed that when accessing an NFS mount, the group is ignored.
>>>
>>> For example, on the server that shares the files via NFS that lists from 
>>> the NFS client as:
>>>
>>> $ ls -l /nfs/web
>>> -rw-rw-r-- 1 root   web_prog   491 Oct 16  2012 parse.php
>>>
>>> $ mount
>>> web:/ on /lvh1/web type nfs4 
>>> (rw,noatime,vers=4.0,rsize=524288,wsize=524288,namlen=255,soft,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=192.168.6.12,local_lock=none,addr=192.168.6.232)
>>>
>>>
>>> A user on the client machine that is a member of group web_prog cannot 
>>> write the file (parse.php).  If the user is changed from root to the client 
>>> user's UID via chown on the server, the user on the client machine can then 
>>> write the file.
>>>
>>> The server is on CentOS 7 and the client is on Fedora 21.  If I do the same 
>>> test from a CentOS 7 or CentOS 6 machine client, it works as expected.  
>>> That is, the group permissions are honoured by the NFS client on those 
>>> non-Fedora machines.
>>>
>>> So, I figure there is something wrong with my Fedora NFS configuration.  
>>> Nothing shows up that is related to this issue when searching the Internet.
>>>
>>> What I have tried:
>>>
>>> Ensure that Domain in /etc/idmapd.conf is the same on both client and 
>>> server.  Though the fact that the user ID is honoured would indicate that 
>>> is correct.
>>>
>>> Ensured that the numerical user ID and group ID match on both client and 
>>> server, even though until now I always assumed that idmapd did not require 
>>> the numerical IDs to match with NFS4.
>>>
>>> Any help would be appreciated.
>> What is the output of "ls -l /nfs/we" after you have performed the mount?
>>
>> Remember, the UID/GID are held in the file system itself.  Before you mount, 
>> it will be the UID/GID of the mount point and after you mount it will be the 
>> UID/GID held by the newly mounted file system.
>>
>>
> The results of ls -l on a file in the NFS share are provided above (from the 
> client machine).
>
> The results of ls -ld (from the client machine) are:
>
> drwxrwsr-x 12 root web_prog 4096 Jul 25 13:28 /nsf/web

Does it help if you remove the sticky bit on the mounted directory?

>
> My Fedora user is definitely a member of the web_prog group and both the 
> client and the server have the same numeric GID for that group.
>
> I don't know if this is something new as I recently moved some files to a new 
> server (CentOS 6 to CentOS 7), and previous to the move my Fedora user owned 
> those files on the old server.  And I only just now discovered this issue.  
>
> I also reinstalled Fedora 21 from scratch after attempting to try Fedora 22, 
> and finding Fedora 22 not ready for prime time.  Which further makes me 
> suspect a configuration issue.
>
> BTW, am I wrong that idmapd should not require synchronized UIDs and GIDs 
> between client and server, at least for NFS4?

The only thing I've needed to change in the default idmapd.conf is the Domain 
setting.

-- 
If I wanted a blog or social media I'd go elsewhere
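
An added diagnostic sketch, not part of the original message or of any Fedora tooling: it decodes the mode strings and mount options quoted in the thread and reports what the mode bits grant a group member, bearing in mind that with sec=sys the server makes the final access decision from the numeric IDs in the RPC credential. The function names and the username "emmett" are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical and the
# inputs are strings quoted in the thread, so no NFS mount is needed.

# Value of KEY in a comma-separated mount option string (sec -> sys).
mount_opt() (
  IFS=,; set -f
  for opt in $1; do
    case $opt in "$2"=*) printf '%s\n' "${opt#*=}"; exit 0 ;; esac
  done
  exit 1
)

# Special bits in an `ls -l` mode string: s/S in the user or group execute
# column is setuid/setgid; t/T in the other execute column is the sticky bit.
special_bits() (
  out=
  case $(printf '%s' "$1" | cut -c4) in s|S) out="$out setuid" ;; esac
  case $(printf '%s' "$1" | cut -c7) in s|S) out="$out setgid" ;; esac
  case $(printf '%s' "$1" | cut -c10) in t|T) out="$out sticky" ;; esac
  printf '%s\n' "${out# }"
)

# Class and rwx triplet that the mode bits assign to USER.
local_class() (   # local_class MODE OWNER GROUP USER "grp1 grp2 ..."
  if [ "$4" = "$2" ]; then echo "owner $(printf '%s' "$1" | cut -c2-4)"; exit; fi
  for g in $5; do
    if [ "$g" = "$3" ]; then echo "group $(printf '%s' "$1" | cut -c5-7)"; exit; fi
  done
  echo "other $(printf '%s' "$1" | cut -c8-10)"
)

# Summary line. With sec=sys the RPC credential carries numeric IDs and at most
# 16 supplementary GIDs (RFC 5531), so NSUPP > 16 means some are not sent.
diagnose() (      # diagnose OPTS MODE OWNER GROUP USER "groups" NSUPP
  sec=$(mount_opt "$1" sec) || sec=unknown
  cls=$(local_class "$2" "$3" "$4" "$5" "$6")
  case ${cls#* } in ?w?) w=yes ;; *) w=no ;; esac
  if [ "$sec" = sys ] && [ "$7" -gt 16 ]; then sent=truncated; else sent=all; fi
  echo "sec=$sec class=${cls% *} mode_allows_write=$w groups_sent=$sent"
)

# Constructed run with values from the thread ("emmett" is a made-up username).
OPTS='rw,noatime,vers=4.0,soft,proto=tcp,sec=sys'
diagnose "$OPTS" '-rw-rw-r--' root web_prog emmett 'emmett web_prog' 2
special_bits 'drwxrwsr-x'
```

If the summary says the mode bits allow the write but the client still gets a denial, compare the numeric output of `id` on the client with the same user's `id` on the server.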