[pve-devel] NFS permission question

Dietmar Maurer dietmar at proxmox.com
Mon Nov 12 09:32:27 CET 2012


I only use NFS V3

> maybe this is related to mapping in /etc/idmapd.conf  ?
> 
> ----- Mail original -----
> 
> De: "Dietmar Maurer" <dietmar at proxmox.com>
> À: pve-devel at pve.proxmox.com
> Envoyé: Lundi 12 Novembre 2012 08:55:54
> Objet: [pve-devel] NFS permission question
> 
> 
> 
> I export a directory via NFS using the following options:
> rw,sync,no_subtree_check,no_root_squash
> 
> On the client, I mount it on /mn/test
> 
> I have the following setting in the /etc/group file at the client:
> 
> shadow:x:42:www-data
> 
> So the following command works without problems:
> 
> # sudo -u www-data cat /etc/shadow
> 
> # ls -l /etc/shadow
> -rw-r----- 1 root shadow 733 Aug 1 19:20 /etc/shadow
> 
> I have a similar file with the same permissions on the NFS share:
> 
> # ls -l /mnt/test/etc/shadow
> -rw-r----- 1 root shadow 852 Nov 12 06:43 /mnt/test/etc/shadow
> 
> # sudo -u www-data cat /mnt/test/etc/shadow
> cat: /mnt/test/etc/shadow: Permission denied
> 
> Andy idea why that does not work?
> 
> Above test was done using a nfs-kernel-server.
> 
> If I use unfs3 server instead, www-data can read the file even if it is not in the
> shadow group!
> 
> I am a bit clueless – any ideas?
> 
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel



More information about the pve-devel mailing list