OT - NFS group ignored
Emmett Culley
lst_manage at webengineer.com
Sat Jul 25 19:41:09 UTC 2015
I just noticed that when accessing an NFS mount, the group is ignored.
For example, on the server that shares the files via NFS that lists from the NFS client as:
$ ls -l/nfs/web
-rw-rw-r-- 1 root web_prog 491 Oct 16 2012 parse.php
$ mount
web:/ on /lvh1/web type nfs4 (rw,noatime,vers=4.0,rsize=524288,wsize=524288,namlen=255,soft,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=192.168.6.12,local_lock=none,addr=192.168.6.232)
A user on the client machine that is a member of group web_prog cannot write the file (parse.php). If the user is changed from root to the client user's UID via chown on the server, the user on the client machine can then write the file.
The server is on CentOS 7 and the client is on Fedora 21. If I do the same test from a CentOS 7 or CentOS 6 machine client, it works as expected. That is, the group permissions are honoured by the NFS client on those non-Fedora machines.
So, I figure there is something wrong with my Fedora NFS configuration. Nothing shows up that is related to this issue when searching the Internet.
What I have tried:
Insure that Domain in /etc/idmapd.conf is the same on both client and server. Though the fact that the user ID is honoured would indicate that is correct.
Insured that the numerical user ID and group ID match on both client and server, even though until now I always assumed that idmapd did not require the numerical IDs to match with NFS4
Any help would be appreciated.
Emmett
More information about the users
mailing list