[OpenIndiana-discuss] ZFS / NFS & chown

Gabriele Bulfon gbulfon at sonicle.com
Thu Jun 30 13:10:53 UTC 2011


I found the reason :)
NFS4 enforce security, with domain management I don't know about...
If the client and server support NFS4, they will agree version 4.
Just use "-o vers=3" on the client when mounting, and they'll go version 3.
This will let me do everything I did on NFS in the past :)
I will like to go deeper in version 4 security enforcement.
Gabriele.
----------------------------------------------------------------------------------
Da: cwjordanoi at cox.net
A: Discussion list for OpenIndiana
Gabriele Bulfon
Data: 20 giugno 2011 13.34.18 CEST
Oggetto: Re: [OpenIndiana-discuss] ZFS / NFS &chown
Been a while since I've done this, looks like there is a better way, you want to set the "root=" option, like:
pfexec zfs set sharenfs='rw=192.168.1.0/24,root=192.168.1.30/32' tank/share (from http://allanfeid.com/content/ultimate-file-server-opensolaris-and-zfs)
Also see share_nfs(1M) which says:
root=access_list
Only  root  users  from  the  hosts   specified   in
access_list have root access. See access_list below.
By default, no host has root access, so  root  users
are mapped to an anonymous user ID (see the anon=uid
option described above). Netgroups can  be  used  if
the  file system shared is using UNIX authentication
(AUTH_SYS).
If that doesn't do what you want, then post how you have it set up now, maybe there is something else wrong?
Chris Jordan
---- Gabriele Bulfon
wrote:
Maybe. Should I -maproot to the storage root?
But, again, root is a role in openindiana...will it work?
----------------------------------------------------------------------------------
Da: cwjordanoi at cox.net
A: Discussion list for OpenIndiana
Cc: Gabriele Bulfon
Data: 19 giugno 2011 13.27.23 CEST
Oggetto: Re: [OpenIndiana-discuss] ZFS / NFS &chown
Usually by default nfs maps root requests to the nobody account for  security reasons. You may change that behavior with the -maproot option.  Perhaps you need to set that?
Chris Jordan
---- Gabriele Bulfon
wrote:
The client system accessing the NFS share, has root access, rw.
What happens, is I can't chown to any of this client users, receiving a permission to chown denied.
If I have user "jim" on the client with uid=1324, I exepct to chown my jim files from the client,
and from the storage view, see these files with just uid=1324, no matter if I have this user
on the storage.
I just mounted the share as root, and started replicating a local filesystem into the NFS/ZFS share,
through a "find . -print | cpio -pcduvm /mnt", where many different permissions/owners reside.
What's wrong?
----------------------------------------------------------------------------------
Da: Lucas Van Tol
A: openindiana-discuss at openindiana.org
Data: 18 giugno 2011 9.44.37 CEST
Oggetto: Re: [OpenIndiana-discuss] ZFS / NFS &chown
Could you just chown to UID's; or from a system with root access to the share?
To: openindiana-discuss at openindiana.org
From: gbulfon at sonicle.com
Date: Fri, 17 Jun 2011 23:01:21 +0200
Subject: [OpenIndiana-discuss] ZFS / NFS &chown
Hi, maybe a silly question.
Sharing a ZFS volume, I can't chown to client users. I obviously don't want to map each and every client user id into the storage.....what am I missing?
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss


More information about the OpenIndiana-discuss mailing list