AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Default ownership of new folder9/1/2023 If you prefer to use autofs service, normal users like admin do not have privilege to set automounting NFS directories using autofs service, unless they have been given special administrator privileges as like sudo users. But root has the privilege to mount the NFS exports on the client machine, by default. Root user cannot access the files in /cert, because root has been squashed to user and group: "nobody" (see /etc/exports on NFS server). You can allow collaboration among admin group members through setgid bit placed on /portalweb directory. For example uid|gid of admin in client machine = 502Īs root user: useradd -u 502 -s /sbin/nologin admin For example, most files won't be executable by anyone from the start (depending on the mode argument to the open(2) or creat(2) call), just like when using umask. Of course, it also depends on the application creating the file. Note down the admin uid and gid (primary) in client machine and use it to create an account in NFS server. All new files in /shared/directory should now get the desired permissions. It works, because nfs maps uid and gid of server with its clients, so any file permissions assigned to the exported directories will remain intact as long the uid and gid matches between the server and client for admin user and group. The non-interactive shell option will prevent admin at NFS client from gaining access to NFS server. Create user and group admin with non-interactive shell on NFS server, assuming that admin user and group exists in nfs client.
0 Comments
Read More
Leave a Reply. |