- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: How to correctly setup NFS folder permissions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I've read recently that NFS might be more performant than SMB. Since I'm on linux, I wanted to give it a go. I'm on a RN102 running Readynas 6.10.3.
Here is my setup on the NAS:
- NFS activated globally
- NFS active on one share "MyDir" with AnyHost having read/write access, no root squash
- "MyDir" has the file access set to use "MyUser" and group "MyGroup"
- "MyUser" also has read/write access checkbox checked.
- "MyUser" has UID 1000 and has the primary group "MyUser" with GID 1000
On the client side:
- I have a "MyUser" user with the UID 1000 and GID 1000
- my /etc/fstab contains
<nas-ip>:/NAS-VOLUME/MyDir /media/MyDir nfs defaults 0 0
- I've created a /media/MyDir and set the "MyUser" as owner and group
# sudo chown MyUser:MyUser /media/MyDir
$ ls -l /media/ drwxr-xr-x 2 MyUser MyUser 4096 Dec 6 16:45 MyDir
Mounting the share is no problem, I can list the content of MyDir, but I can't access the content of subfolders. They are owned by the NAS' admin user with UID 98 it seems.
# sudo mount /media/MyDir $ ls -l /media/MyDir total 0 drwxrwx--- 1 98 98 42 Oct 7 20:42 Desktop drwxrwx--- 1 98 98 416 Nov 22 21:44 Downloads $ ls -l /media/MyDir/Desktop ls: cannot open directory '/media/MyDir/Desktop': Permission denied
How can I change this, or make sure I can access these files as "MyUser" on the client?
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If I am understanding you correctly, you have already configured the share to be owned by MyUser/MyGroup.
What you need to do to apply that setting to all the existing subfolders and files is to click on the "reset" control on the file access share for the share.
Though the warning says it will change permissions to the defaults, you'll find it actually resets the owner/group to the configured value (MyUser/MyGroup in your case).
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If I am understanding you correctly, you have already configured the share to be owned by MyUser/MyGroup.
What you need to do to apply that setting to all the existing subfolders and files is to click on the "reset" control on the file access share for the share.
Though the warning says it will change permissions to the defaults, you'll find it actually resets the owner/group to the configured value (MyUser/MyGroup in your case).
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to correctly setup NFS folder permissions
Thank you so much, that did the trick, and I'm glad I ended up asking.. would never have found that trick.
Can't edit my first post, I mixed the MyUser and MyGroup a little, but you got it still.
BTW, I'm also glad I tried NFS, it seems to yield much better performances.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to correctly setup NFS folder permissions
Quick follow-up question regarding the permissions.
I'm very confused about how this all works.
I've realized that if I setup:
- File Access > Security tab:
- Folder owner: root
- Folder group: root
- read/write access to MyUser (reminder, MyUser is setup on the NAS with the same UID and GID as a user MyUser on the client)
- read/write account to folde owner
- read/write account to folder group
---> Then click Reset > "Reset permissions" to apply permissions to all folders and subfolders
- Network Access tab:
- Host: my client IP
- Advanced:
- Root squash with UID and GUI left empty.
With the above, I can effectively read/write the files on the client, with MyUser.
The permissions when I mount the folder are the following:
> MyUser$ ls -la ./ drwxrwx--- 1 root root 200 Oct 7 20:16 Some_Folder
Also important to note, MyUser on the client is not member of root group.. So I don't understand how it is possible for this user to access those files. It seems that the server settings, although not visible on the client, overwrite the settings that my local system know.
If I change any of the "File Access" settings above (like removing the read/write account to folder group) then MyUser cannot access the files on the client any more. Do you know why? This also doesn't make sense to me.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to correctly setup NFS folder permissions
Did you also look at the ACL?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to correctly setup NFS folder permissions
Thanks for the hint. Is there any way to see/set them from the UI? My goal was to modify things from ssh as little as possible.
Here is the result of getfacl for the same Some_Folder as above:
# getfacl /NAS/Some_Folder/ getfacl: Removing leading '/' from absolute path names # file: NAS/Some_Folder/ # owner: root # group: root user::rwx user:MyUser:rwx group::rwx group:MyUser:rwx mask::rwx other::--- default:user::rwx default:user:MyUser:rwx default:group::rwx default:group:MyUser:rwx default:mask::rwx default:other::---
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to correctly setup NFS folder permissions
Some additional info about the acl when I change the File Access:
When I remove the r/w on folder owner and folder group:
user::--- user:MyUser:rwx #effective:--- group::--- group:MyUser:rwx #effective:--- mask::--- other::--- default:user::--- default:user:MyUser:rwx #effective:--- default:group::--- default:group:MyUser:rwx #effective:--- default:mask::--- default:other::---
The effective is then, no rights for MyUser.
When I set back the r/w permission for folder owner and group, and remove the r/w permission on MyUser:
user::rwx group::rwx mask::rwx other::--- default:user::rwx default:group::rwx default:mask::rwx default:other::---
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to correctly setup NFS folder permissions
@titimoi wrote:
Thanks for the hint. Is there any way to see/set them from the UI? My goal was to modify things from ssh as little as possible.
You are setting them via the UI (as you saw above). But you can't see the actual ACL, just the GUI representation.