Re: problem with NFS

[Glynn Clements <glynn@gclements.plus.com>]

Luca Ferrari wrote:

> I've got a suse linux server where I exported a root-created directory as 
> follows:
> 
> server:~ # ls -ald /vol2/backup_opensco/
> drwxr-xr-x  2 root root 48 Sep 15 17:23 /vol2/backup_opensco/
> server:~ # cat /etc/exports
> /vol2/backup_opensco 192.168.201.63(rw,sync)
> 
> 
> and an old opensco server (192.168.201.63) that should be able to mount the 
> exported directory. Now I execute the following command on the sco server:
> # mount -f NFS 192.168.201.1:/vol2/backup_opensco /mnt
> # mount
> / on /dev/root read/write on Fri Sep 15 15:04:32 2006
> /stand on /dev/boot read only on Fri Sep 15 15:04:33 2006
> /mnt on 192.168.201.1:/vol2/backup_opensco read/write on Fri Sep 15 17:36:17
> 
> Now the filesystem is mounted in read-write mode, and it belongs to root: 
> # ls -ald /mnt
> drwxr-xr-x   2 root     root          48 Sep 15 16:23 /mnt
> 
> but I cannot write to it!
> 
> # cd /mnt
> # echo "ciao" > ciao.txt
> ciao.txt: cannot create
> 
> Anyone can explain me why? I guess the NFS exporting is right, and also the 
> mounting, but it looks like there's a problem with owner and group. Any idea?

By default, NFS treats root accounts as disjoint, i.e. root on the
client isn't the same as root on the server; any remote accesses as
root are mapped to the "nobody" account. As the directory is only
writable by root, you can't write to it from the client.

You can disable this behaviour by adding the no_root_squash option to
the export. However, bear in mind that this represents a security
risk; if possible, it's better to change the ownership of the exported
files so that they can be modified by a non-root account.

-- 
Glynn Clements <glynn@gclements.plus.com>