NFS - some success

Rick Stevens rstevens at vitalstream.com
Wed Sep 7 16:30:18 UTC 2005


brad.mugleston at comcast.net wrote:
> On Tue, 6 Sep 2005, gerrynix wrote:
> 
> 
>>
>>--- Rick Stevens <rstevens at vitalstream.com> wrote:
>>
>>
>>>brad.mugleston at comcast.net wrote:
>>>
>>>>On Tue, 6 Sep 2005, Rick Stevens wrote:
>>>>
>>>>
>>>>
>>>>>brad.mugleston at comcast.net wrote:
>>>>>
>>>>>
>>>>>>Well, with your help I finally got NFS working- mostly - my
>>>>>>problem was a services issue - I looked at both machines and set
>>>>>>them up the same and then it worked.
>>>>>>
>>>>>>I can now see the shared drives from my client machine but I
>>>>>>can't write to them (even as root on my client machine).
>>>>>>
>>>>>>/etc/exports (Server)
>>>>>>/music 192.168.1.0/255.255.255.0(rw)
>>>>>>/photos 192.168.1.0/255.255.255.0(rw)
>>>>>
>>>>>Er, you want to add "no_root_squash" to those to give the root user on
>>>>>the clients full access.  Otherwise, root on the clients gets mapped to
>>>>>UID/GID nobody.
>>>>>
>>>>>
>>>>>
>>>>>>/etc/fstab (client)
>>>>>>192.168.1.55:/music /mnt/music nfs rw,hard,intr 0 0
>>>>>>c1911a1:/photos /mnt/photos nfs rw,hard,intr 0 0
>>>>>>
>>>>>>note - in one (music) I gave the IP the other (photos) I gave the
>>>>>>name which is mapped in the hosts file just to make sure they
>>>>>>both worked.
>>>>>>
>>>>>>When I try to write to either the /mnt/music or /mnt/photos
>>>>>>directory using vim I get the following error on saving the file:
>>>>>>
>>>>>>"test.txt" E212: Can't open file for writing
>>>>>>
>>>>>>
>>>>>>In both of the original directories I have a test file that I can
>>>>>>open and read.  In order for this to be seamless the way I want
>>>>>>it both of these directories need to be read/write available to
>>>>>>everyone.
>>>>>
>>>>>You should also check the permissions on the mountpoints BEFORE you
>>>>>mount the NFS.  NFS will inherit the permissions of the mountpoints, so
>>>>>those have to be right first.
>>>>>
>>>>>Also verify you have lockd (nfslock) running.
>>>>>----------------------------------------------------------------------
>>>>>- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
>>>>>- VitalStream, Inc.                       http://www.vitalstream.com -
>>>>>-                                                                    -
>>>>>-    If Windows isn't a virus, then it sure as hell is a carrier!    -
>>>>>----------------------------------------------------------------------
>>>>
>>>>OK, I added no_root_squash to /etc/exports and  proto=tcp, user,
>>>>_netdev,auto to fstab.
>>>>
>>>>nfslock is running
>>>>
>>>>chmod 777 to /mnt/music and /mnt/photos when these were not
>>>>mounted
>>>>
>>>>Now I can read and WRITE as root but only read as a user.
>>>>
>>>>As a user "brad" on the client and as a user "brad" on the server
>>>>both with the same password I thought I should be able to
>>>>read/write.
>>>>
>>>>Here are my new files:
>>>>
>>>>/etc/exports on the server
>>>># /home 192.168.1.0/255.255.255.0(rw,no_root_squash)
>>>>/music 192.168.1.0/255.255.255.0(rw,no_root_squash)
>>>>/photos 192.168.1.0/255.255.255.0(rw,no_root_squash)
>>>>
>>>>
>>>>
>>>>/etc/fstab on the client
>>>>LABEL=/                 /                       ext3    defaults        1 1
>>>>LABEL=/boot             /boot                   ext3    defaults        1 2
>>>>none                    /dev/pts                devpts  gid=5,mode=620  0 0
>>>>none                    /proc                   proc    defaults        0 0
>>>>none                    /dev/shm                tmpfs   defaults        0 0
>>>>/dev/hda8               swap                    swap    defaults        0 0
>>>>/dev/fd0        /mnt/floppy          auto    noauto,owner,kudzu,rw 0 0
>>>>/dev/hda5       /D2     vfat    auto,defaults,uid=500,gid=500,umask=000 0 0
>>>>/dev/hda1       /C      vfat    auto,defaults,uid=500,gid=500,umask=000 0 0
>>>>//SAM/C         /SAM/C  smbfs   credentials=/root/.smbpasswd,uid=500,gid=500 0 0
>>>>//SAM/D         /SAM/D  smbfs   credentials=/root/.smbpasswd,uid=500,gid=500 0 0
>>>>//SAM/E         /SAM/E  smbfs   credentials=/root/.smbpasswd,uid=500,gid=500 0 0
>>>>//SAM/F         /SAM/F  smbfs   credentials=/root/.smbpasswd,uid=500,gid=500 0 0
>>>>//SAM/music     /D/mp3  smbfs   credentials=/root/.smbpasswd,uid=500,gid=500 0 0
>>>>/dev/cdrom      /mnt/cdrom         udf,iso9660    noauto,owner,kudzu,ro 0 0
>>>>/dev/cdrom1     /mnt/cdrom1        udf,iso9660    noauto,owner,kudzu,rw 0 0
>>>>192.168.1.55:/photos /mnt/photos   nfs    proto=tcp,user,_netdev,auto,rw 0 0
>>>>C1911A1:/music /mnt/music          nfs    proto=tcp,user,_netdev,auto,rw 0 0
>>>>
>>>>Thank you guys are great - we are SOOO close.  Is there anything
>>>>else you need to see?
>>>
>>>Did root mount the filesystems or were they mounted by users?
>>>
>>>If by users, does the server know who they are (are they in /etc/passwd
>>>on the server?) and do the users have permissions on the server to write
>>>to those directories?
>>
>>IMHO . . . It's getting way too complex for simple shares as these.
>>Question: IS the account "brad" on both the server and client systems,
>>ACTUALLY; uid 500 and gid 500?  If not, on both systems do; (Assuming
>>that the group numbered 500 exists and the uid 500 is not already taken)
>>
>># usermod -u 500 brad
>># usermod -G 500 brad
>># chown -R 500:500 /home/brad
>># chown -R 500:500 /music  (and any other files/dirs to be accessed)
>>
>>If the group 500 doesn't exist on the systems, do this first.
>># groupadd -g 500 brad
>>
>>If the uid and gid 500 are already taken, simply choose ones that
>>are not taken and start again.
>>
>>When this (above) is accomplished there is NO NEED for the uid, gid
>>and umask entries in the /etc/fstab. When this is done properly,
>>permissions on the mount points are irrelevant . . . it will just
>>work properly. . . udp or tcp (preferably tcp).
>>--
>>Nix
>>
> 
> OK, I agree it's getting very complicated but if it were simple
> it wouldn't be fun it would be work....
> 
> To answer Rick's questions
> 
> Mounted at boot - don't know who does it then

Root does it then.

> Yes brad is a user on both systems and is in both passwd files
> NO permissions were not set up right on the server - I did a
> chmod 777 on the two directories and now brad and root can read
> and write to the directories from the client.

Good.

> For Nix,
> 
> You have me worried - let's say Sam is a user on both systems but
> his uid doesn't work out to be the same.
> 
> HOW does one get both systems to use the same passwords, users
> and id's automagically?

Ah, welcome to the wonderful world of network administration.  That 
problem has been around for a long time.  And there's a solution.  It's
called "NIS" (network information system), formerly known as "yp"
(yellow pages--which is why many of its programs are still called
"yp-something" such as "ypinit").

NIS was designed so all systems can have a consistent view of the
passwords, home directories, etc.  If you don't need the ability to
mount a user's home directory over NFS when they log into a client 
machine or any of the other "fancy" stuff NIS can do, then you could use
LDAP instead as a simple passwd/group/shadow replacement.  In fact, many
NIS implementations now use LDAP instead of the older method of using
flat files to hold its maps and such.

By the way, Microsoft ADS (active directory service) is Microsoft's name
for LDAP.  They add a few ornaments to it, but it's LDAP.  Why the h*ll
can't they just use standard terminology?  Oh, yeah.  Then they couldn't
charge $800 for it.  Grrrr!

> As the server is new I need all the users from the client setup
> on the server.
> 
> While I work on that I've got 10+ Gig of mp3's and ogg files to
> move from various machines to my server.

You can set up an NIS server on the NFS server, then make sure all users
are in its maps.  By users, I mean non-system accounts such as root,
bin, etc.--essentially accounts with a UID/GID >= 100.  Then you set up
each client machine to be an NIS client and modify /etc/nsswitch.conf to
also use NIS.  You probably should grab a book on NIS as well.
O'Reilly's "Managing NFS and NIS" by Stern would be a good place to
start.  Remember that NIS

Alternately, you could set up LDAP on the NFS server and make the other
machines LDAP clients.  It's similar to setting up NIS, but the
components are a bit different.  There's a HOWTO on it on the Linux
Documentation Project site.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
- Millihelen, adj: The amount of beauty required to launch one ship. -
----------------------------------------------------------------------
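
An added example, not part of the original message: with NFS's default AUTH_SYS security the server trusts the numeric UID/GID sent by the client, so matching account names on both machines are not enough. This sketch compares two passwd files for mismatched or colliding IDs; the sample contents, `MIN_UID` and the function names are assumptions made for illustration.

```python
MIN_UID = 500  # assumption: first non-system UID (the thread uses uid 500)
# Constructed sample passwd contents, not taken from the thread.
SERVER_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
brad:x:500:500::/home/brad:/bin/bash
sam:x:501:501::/home/sam:/bin/bash
"""
CLIENT_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
brad:x:500:500::/home/brad:/bin/bash
sam:x:502:502::/home/sam:/bin/bash
kim:x:501:501::/home/kim:/bin/bash
"""

def parse_passwd(text, min_uid=MIN_UID):
    """Return {name: (uid, gid)} for accounts with uid >= min_uid."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) < 4:
            continue
        try:
            uid, gid = int(fields[2]), int(fields[3])
        except ValueError:
            continue  # malformed or NIS compat ("+::::::") entry
        if uid >= min_uid:
            users[fields[0]] = (uid, gid)
    return users

def compare(server_text, client_text, min_uid=MIN_UID):
    """Return sorted (kind, client_user, detail) findings."""
    server = parse_passwd(server_text, min_uid)
    client = parse_passwd(client_text, min_uid)
    server_by_uid = {uid: name for name, (uid, _) in server.items()}
    findings = []
    for name, (uid, gid) in client.items():
        if name not in server:
            findings.append(("missing", name, "no such account on server"))
        elif server[name] != (uid, gid):
            detail = "server %d:%d, client %d:%d" % (server[name] + (uid, gid))
            findings.append(("mismatch", name, detail))
        # The server sees only the number, not the account name.
        owner = server_by_uid.get(uid)
        if owner is not None and owner != name:
            findings.append(("collision", name, "acts as server user %s" % owner))
    return sorted(findings)

if __name__ == "__main__":
    for finding in compare(SERVER_PASSWD, CLIENT_PASSWD):
        print("%-9s %-5s %s" % finding)
```

A "collision" finding is the one to fix first: that client account reads and writes the export with another user's identity on the server.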




More information about the Redhat-install-list mailing list