Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: NFS share and groups
Operating Systems Linux Red Hat NFS share and groups Post 302937113 by cjhilinski on Tuesday 3rd of March 2015 04:09:14 PM
Old 03-03-2015
Quote:
Originally Posted by achenle
What oops?

Not one post in this thread has shown the actual numeric IDs.

Until you know what the numeric IDs actually are, you can't tell where your problem is. Are the IDs getting changed from the server? Or the client? Or just in the ID lookup?
When an nfs-receiving system cannot resolve a groupname/gid, by default and design, it assigns that file/directory to the "nobody" group. Nobody is a real group. On RH7, it is gid 99.

What is happening is that the nfs-sharing server is providing the groupname/gid acrn/10001, and the nfs-receiving system can't understand something about that. So, it bails out and gives it to nobody.

I think you were expecting that the receiving system would list the group for the directory as 10001 but somehow think the groupname for 10001 was nobody. It doesn't work that way. The directory is nobody (gid 99).

Code:
#ls -l /data/acrn
drwxrwx--x  51 jsmithi nobody         66 Oct 24 07:24 acrn
# ls -ln /data/acrn
drwxrwx--x  51 119    99    66 Oct 24 07:24 acrn
# id -a 99
uid=99(nobody) gid=99(nobody) groups=99(nobody)

It's doing exactly what's expected because it doesn't understand or know the group acrn/10001...it gives the directory to nobody. But it does know acrn.
Code:
# id -g acrn
10001

That's the problem from the original post.
Last edited by Scott; 03-03-2015 at 06:14 PM.. Reason: Code tags, please...
 

10 More Discussions You Might Find Interesting

1. Solaris

NFS share options

Hello, I'm doing a Perl script to parse the dfstab file and find dangerous configurations (rw to everyone, root access, etc). My question is, if I have a share command like this: share -F nfs -o ro=chrome:copper:zinc,root=chrome /usr/man it means that the /usr/man is "rw" to everyone... (6 Replies)
Discussion started by: psimoes79
6 Replies

2. Red Hat

NFS share error

I got a problem while creating files on a NFS mounted share in a RHEL box. That is when I create an empty file, this is what appears on the screen ############################################### E325: ATTENTION Found a swap file by the name ".test.swp" owned by: jsmith dated: Tue... (2 Replies)
Discussion started by: rcmrulzz
2 Replies

3. Linux

Secondary groups not working with NFS (+LDAP)

I´m using LDAP for groups and NFS for home dirs. My problem is as follows: I only have a few groups, so it's not the problem everyone else had. When I've mounted a disk over NFS, I need to have my primary group in order to read in the groups I'm a member of. Secondary groups is not working. ... (0 Replies)
Discussion started by: velmont
0 Replies

4. Solaris

NFS Share - chown problem

Hi all, I had share the server Gemini /u10 to the server Centaurus. /etc/dfs/dfstab share -F nfs -o root=centaurus /u10 My problem is: in the server Gemini the the owner for /U10 is oracle:dba but when in the server Centaurus, I am not able to change the owner become oracle:dba, it show... (8 Replies)
Discussion started by: SmartAntz
8 Replies

5. UNIX for Advanced & Expert Users

du and df do not match on NFS share

Here is the scenario... NFS share that is accessed every few minutes by approx 70 systems (AIX 5.3/6.1). Filesystem space is being eaten up rapidly according to df however du numbers really never change. lsof and fuser cannot see any unlinked files on either the NFS server or remote... (3 Replies)
Discussion started by: masterpengu
3 Replies

6. Solaris

Ldom Vdisk on NFS Share

Can any one tell me how to add a virtual disk from NFS share in Ldom .. i have one share /VMshare/boot.img file shared/exported from one server but i do now know how to add nfs based vdsdev as it gives primary domain cannot validate the disk. (1 Reply)
Discussion started by: fugitive
1 Replies

7. Red Hat

How to Map AD groups to Samba share?

I am setup a samba share server which is authenticating from Active Directory. I am able to access the share with AD user but not able to access when group defined in "valid users" parameters. below are the steps i performed. In smb.conf workgroup = QASLABS password server =... (3 Replies)
Discussion started by: sunnysthakur
3 Replies

8. Red Hat

NFS share

Hi, I have an NFS server, i want to mount that nfs share which is having around 500GB to my client system. But my client system doesnt have any free space, is it possible to mount that nfs share in my client. Regards, Mastan (1 Reply)
Discussion started by: mastansaheb
1 Replies

9. UNIX for Dummies Questions & Answers

Permissions for NFS share

Hi, I have created a NFS share in Solaris 10 server1 and mounted it on solaris 10 server 2.But I want to change owner of the files from nobody to a particular user in client. Which command should I use. I have tried the following but it doesn't allow to change permissions in the server2 as... (0 Replies)
Discussion started by: Rossdba
0 Replies

10. Shell Programming and Scripting

Mount NFS Share On NFS Client via bash script.

I need a help of good people with effective bash script to mount nfs shared, By the way I did the searches, since i haven't found that someone wrote a script like this in the past, I'm sure it will serve more people. The scenario as follow: An NFS Client with Daily CRON , running bash script... (4 Replies)
Discussion started by: Brian.t
4 Replies

LEARN ABOUT SUNOS

setuid

setuid(2)							   System Calls 							 setuid(2)

NAME

       setuid, setegid, seteuid, setgid - set user and group IDs

SYNOPSIS

       #include <sys/types.h>
       #include <unistd.h>

       int setuid(uid_t uid);

       int setgid(gid_t gid);

       int seteuid(uid_t euid);

       int setegid(gid_t egid);

DESCRIPTION

       The  setuid()  function	sets the real user ID, effective user ID, and saved user ID of the calling process. The setgid() function sets the
       real group ID, effective group ID, and saved group ID of the calling process. The setegid() and seteuid() functions set the effective group
       and user IDs respectively for the calling process. See intro(2) for more information on real, effective, and saved user and group IDs.

       At  login time, the real user ID, effective user ID, and saved user ID of the login process are set to the login ID of the user responsible
       for the creation of the process. The same is true for the real, effective, and saved group IDs; they are set to the group ID  of  the  user
       responsible for the creation of the process.

       When  a process calls one of the exec(2) family of functions to execute a file (program), the user and/or group identifiers associated with
       the process can change. If the file executed is a set-user-ID file, the effective and saved user IDs of the process are set to the owner of
       the  file  executed.  If the file executed is a set-group-ID file, the effective and saved group IDs of the process are set to the group of
       the file executed. If the file executed is not a set-user-ID or set-group-ID file, the effective user ID, saved user  ID,  effective  group
       ID, and saved group ID are not changed.

       If  the	{PRIV_PROC_SETID}  privilege is asserted in the effective set of the process calling setuid(), the real, effective, and saved user
       IDs are set to the uid argument.  If the uid argument is 0 and none of the saved, effective or  real  UID  is  0,  additional  restrictions
       apply. See privileges(5).

       If  the	{PRIV_PROC_SETID}  privilege  is not asserted in the effective set, but uid is either the real user ID or the saved user ID of the
       calling process, the effective user ID is set to uid.

       If the {PRIV_PROC_SETID} privilege is asserted in the effective set of the process calling setgid(), the real, effective, and  saved  group
       IDs are set to the gid argument.

       If  the	{PRIV_PROC_SETID} privilege is not asserted in the effective set, but gid is either the real group ID or the saved group ID of the
       calling process, the effective group ID is set to gid.

RETURN VALUES

       Upon successful completion, 0 is returned. Otherwise, -1 is returned and errno is set to indicate the error.

ERRORS

       The setuid() and setgid() functions will fail if:

       EINVAL	       The value of uid or gid is out of range.

       EPERM	       For setuid() and seteuid(), the {PRIV_PROC_SETID} privilege is not asserted in the effective set of the calling process and
		       the uid argument does not match either the real or saved user IDs, or an attempt is made to change to UID 0 and none of the
		       existing UIDs is 0, in which case additional privileges are required.

		       For setgid() and setegid(), the {PRIV_PROC_SETID} privilege is not asserted in the effective set and the gid argument  does
		       not match either the real or saved group IDs.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Standard			   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |Async-Signal-Safe 	   |
       +-----------------------------+-----------------------------+

SEE ALSO

       intro(2), exec(2), getgroups(2), getuid(2), stat.h(3HEAD), attributes(5), privileges(5), standards(5)

SunOS 5.10							    20 Jan 2003 							 setuid(2)
All times are GMT -4. The time now is 10:50 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy