Secondary groups not working with NFS (+LDAP) Post: 302341683

Sponsored Content

Operating Systems Linux Secondary groups not working with NFS (+LDAP) Post 302341683 by velmont on Thursday 6th of August 2009 11:04:29 AM

08-06-2009

Registered User

Secondary groups not working with NFS (+LDAP)

I�m using LDAP for groups and NFS for home dirs. My problem is as follows:
I only have a few groups, so it's not the problem everyone else had. When I've mounted a disk over NFS, I need to have my primary group in order to read in the groups I'm a member of. Secondary groups is not working.

Code:

 root@machine:/home/user# smbldap-groupshow secret
...
gidNumber: 1504
displayName: secret
memberUid: user,anotheruser
 root@machine:/home/user# su - user
 user@machine:~$ groups
users secret
 user@machine:~$ ls -ald ../secret/
drwxr-x--- 12 anotheruser secret 4096 2009-07-27 15:39 ../secret/
 user@machine:~$ cd ../secret/
bash: cd: ../secret/: Permission denied
 user@machine:~$ ls ../secret/
ls: cannot open directory ../secret/: Permission denied

But it works if I change the group to primary by hand with newgrp:

Code:

user@machine:~$ newgrp secret
user@machine:~$ cd ../secret/
user@machine:/home/secret$ ls
Nice secrets.txt

But my users cannot be expected to do this!
It works on the server holding the user files. But not over NFS.

I've tested this on clients: Ubuntu: 9.10 Karmic, 9.04 Jaunty, 8.10 Intrepid
The NFS server is running: Ubuntu 9.04 Jaunty.

velmont

View Public Profile for velmont

Find all posts by velmont

8 More Discussions You Might Find Interesting

1. HP-UX

Configure DNS,NFS,NIS,LDAP and LVM(mirror,sparing and multipathing)

Hello All, I am a newbee in HP UX wanted to know how to configure DNS,NFS,NIS,LDAP and LVM(mirror,sparing and multipathing) in HP UX 11iv2 and v3 and i did go through some of the docs on hp.com but i think those are for experience UX users and i am new to this so if some one could just mention...

2. Solaris

sudoers file with groups in LDAP

Hello gurus, I've been working on a sudoers file to work with groups in LDAP. I've created the groups in LDAP and added the users to there respective groups. I've also setup my sudoers file to have the groups match what is in LDAP. And I've added ldap to nsswitch.conf in the group line. The...

3. Red Hat

LDAP auth, secondary groups doesnt works

RedHat ELS 5.2 & Sun directory getent passwd: works toto:*:1000:100:toto:/home/toto:/bin/bash getent group: works mygroup:*:10001:1000,1001 but id toto doesnt works :( uid=1000(toto) gid=100(users) groupes=100(users) BTW in /etc/ldap.conf i use a different mapping for the posix...

4. Programming

LDAP delete - seems not working

Hi all, I am very new to ldap and am facing the below difficulty. When I try to add something to ldap, I get this: server# /opt/iexpress/openldap/bin/ldapmodify -f almondabc.ldif -h 127.0.0.1 -xv -D cn=Manager,dc=almondabc,dc=com -w secret ldap_initialize( ldap://127.0.0.1 ) add o: ...

5. Red Hat

Issues with LDAP user/group permissions on NFS share

I can't seem to make sense of this. $ cat /etc/redhat-release Red Hat Enterprise Linux Server release 5.2 Beta (Tikanga) $ $ mount /dev/sda2 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/sda1 on...

6. UNIX for Dummies Questions & Answers

Secondary DNS not working

hi guys I am doing some testing for DNS I got a master DNS(192.168.2.10) and I setup a slave DNS(192.168.2.11) but when I shutdown the Master DNS my linux client cannot resolve using the slave any idea way? This is the named.conf options { query-source port 53; directory...

7. UNIX for Dummies Questions & Answers

ldap , search groups that user belong

i want run query to identify witch groups that user A belong, CN=name,CN=Users,DC=mydomain ??

8. Red Hat

NFS share and groups

I am having an issue with getting the proper group settings on NFS-shared directories. NFS server, NFServe, nfs-shares hundreds of project directories...running Solaris 10 latest patches/updates. SAS server, SAServe, statistical analysis server running on RedHat 7 with latest kernel/patches/etc....

LEARN ABOUT SUSE

mount.nfs

MOUNT.NFS(8)						      System Manager's Manual						      MOUNT.NFS(8)

NAME

       mount.nfs, mount.nfs4 - mount a Network File System

SYNOPSIS

       mount.nfs remotetarget dir [-rvVwfnsh ] [-o options]

DESCRIPTION

       mount.nfs is a part of nfs(5) utilities package, which provides NFS client functionality.

       mount.nfs  is  meant to be used by the mount(8) command for mounting NFS shares. This subcommand, however, can also be used as a standalone
       command with limited functionality.

       mount.nfs4 is used for mounting NFSv4 file system, while mount.nfs is used to mount NFS file systems versions 3 or 2.   remotetarget  is  a
       server share usually in the form of servername:/path/to/share.  dir is the directory on which the file system is to be mounted.

OPTIONS

       -r     Mount file system readonly.

       -v     Be verbose.

       -V     Print version.

       -w     Mount file system read-write.

       -f     Fake mount. Don't actually call the mount system call.

       -n     Do not update /etc/mtab.	By default, an entry is created in /etc/mtab for every mounted file system. Use this option to skip making
	      an entry.

       -s     Tolerate sloppy mount options rather than fail.

       -h     Print help message.

       nfsoptions
	      Refer to nfs(5) or mount(8) manual pages.

NOTE

       For further information please refer nfs(5) and mount(8) manual pages.

FILES

       /etc/fstab	 file system table

       /etc/mtab	 table of mounted file systems

SEE ALSO

       nfs(5), mount(8),

AUTHOR

       Amit Gud <agud@redhat.com>

								    5 Jun 2006							      MOUNT.NFS(8)