I installed openSUSE and I’m enjoying it, but I’m having problems with the network nfs
On the server, in the file /etc/exports I created the following line:
/home/sergio/fat *(rw,sync,no_root_squash)
and on the client I did the mount in /etc/fstab using the line:
192.168.1.101:/home/fat nfs /media/nfs driveF auto, user, users, rw 0 0
With the above settings:
I’m accessing the shared folder /home/sergio/fat from any PC
I’m reading and writing in the network as a user on any client PC
But the Common User client can not edit files created by common user server unless permissions are 777.
Regular users of the server also can not edit the files recorded by the network unless these files are as originally 777
The root on client PCs, access everything without problems, unrestricted
How do I get a regular user on a client PC, can edit a file not created by it on a server?
How to make that a regular user can edit the server files received from client PCs?
Sorry for bad English
Please, any help is welcome.
first field 192.168.1.101:/home/fat
should be the device to be mounted, looks OK to me; 1. second field *nfs *
describes the mount point, does look wrong to me; 1. third field /media/nfs
describes the type of the file system, looks wrong to me, should be nfs for an NFS mount; 1. fourth field driveF
describes the mount options, again wrong IMHO.
I think I stop here. Please first check your fstab entry before coming to any conclusions.
BTW, I see you are new here. That means we have to explain to you ho to post computer text here. Allways do so between CODE tags. You get the CODE tags by clicking on the # button in the tooll bar of the post editor.
And please, when applicable, copy paste complete prompt-command-output-prompt between those CODE tags.
I do not understand. Did you now chance your fstab? Or did your copy/paste go wrong the first time?
Please use CODE tags, not QUOTE tags around your copied/pasted computer text. It is the # button in the tool bar of the post editor.
And please copy/paste, including the prompt-the command-the output-the next prompt. Only then can we see what you did and what you got. As an example, when I wanted to show my fstab, I would post:
Same for your story about the permissions being 777. You better show this. As one of the involved users show us about one of the files that can’t be written to with
sergelli wrote:
> sorry, that is the correct line of /usr/fstab
>
>> 192.168.1.101:/home/fat /media/driveF nfs auto,user,rw
>> 0 0
/home/fat isn’t the directory you said you exported! So you’re still not
telling us the truth! I’m not accsuing you of lying, but of typing
things instead of cutting and pasting computer output.
Also ‘no-root-squash’ is a dangerous option. It normally means you don’t
know what you’re doing. Other things you’ve said also make me think that
you’re new to NFS and trying to make it work like some other system,
instead of understanding what NFS is and using it appropriately.
You also haven’t told us what version of NFS you’re using, or even what
version of openSUSE. These things are important.
I think you need to do some more reading; perhaps search for an NFS
tutorial. You also need to explain what your goal is.
Mr. djh-novell
My goal is to allow multiple users to use a system of programs that create and modify files with information from their sales operations.
Bellow my fstab
I only created the last line. The others were made by installing OpenSuse.
I created a folder named TEST and changed the permissions of it to 777
Using the client PC, within the TEST folder, I created the file client.txt
Using the PC and server in the folder TEST. I created the file server.txt
Below is the result of ls-l held in client PC
linux-l78t:/media/driveF/usr/TEST # ls -l /media/driveF/usr/TEST/
total 8
-rw-r--r-- 1 sergio 10001 21 Set 5 13:30 client.txt
-rw-r--r-- 1 10001 10001 16 Set 5 13:31 server.txt
The result is that the PCserver user can not edit client.txt and the PCclient user can not edit the file server.txt
I’m sharing this folder with rw option, so I hope that all who are accessing can read and write., Is not it?
How do I set up to give edit permissions for two users?
Don’t you see that the file server.txt is own by userid 1001, which is apparently not configured on this system (else it would show a username)?
When you tightly couple systems as here by using NFS, you should have a common user administration on those systems. When you export something that has a file owned on the server by user 1001, which may have a username john, on the client system that file is of course again owned by userid 1001, which may be username john, or another username, or even none (as is here the case).
Please try to understand ownership of files by userid and groupid and the permissions that go with that.
Your setup is not going to work, since you export /home/sergio/fat on 192.168.1.101, next you mount /home/fat. That should be /home/sergio/fat, since 192.168.1.101:/home/fat doesn’t exist.
Here’s examples:
Server’s export:
/home *(rw,root_squash,sync,no_subtree_check)
Client’s fstab:
192.168.1.10:/home /home nfs defaults 0 0
Another thing: don’t mount stuff in /media. That folder is meant to mount removable media in. If you are exporting (parts of) a user’s homedir, then mount them on the same place on the client, or mount them in their own folder, f.e. /nfsmounts or /data. This makes you aware of how you organized stuff. So, 192.168.1.101:/home/sergio/fat on /home/sergio/fat and take care that both sergio’s have the same UUID.
Oh, and another thing: Use Yast instead of manually changing things with an editor. A corrupted fstab can easily lead to a non-booting system.
To do so, you need yast2-nfsserver on the server machine, yast2-nfs on the client machine.
this line below, exist into “/etc/exports” in my server PC
192.168.1.101:/home/fat *(rw,sync,no_root_squash)
About owner: On server Pc the name's user is fat
The directory “/home/fat” exist into my server PC and I want share it
I mounted this directory in my client PC without problems
Except that I can not edit anything of other owner if I am not the root user
Please: Note I have not user “sergio” into server PC
Thanks about “don’t mount stuff in /media”. I learned one more
They are different users. 1000 is different from 1001. The names are not realy important, but most sytsem managers would try to have the same usernames for the same userids on all systems.
And as one user is 1000 and the other is 1001 they are different. And their files are protected from each other by the permissions. Do you understand that concept? It is not different if this is on a file system on tthe same computer, or if it is imported from another computer. Of course it is the same. Else you could break security!
Some addition to what Henk’s explaining. Your idea of having UUID 1001 (or 1000) for both the user on the server and the user on the client is OK. This is not an issue in a 3 client situation, but it is when 150 users have different names on the clients than they have on the server.
For the static machines at home, I use NIS for user management and authentication. NIS exports the users (it’s a bit more than that), the client uses the NIS server to authenticate. NFS exports /home from the server, so that every /home/USERNAME exists only on the server, the clients have no users configured. The PC’s have only a 40GB HDD or a 30GB SSD with openSUSE on it.
Like already mentioned “root_squash” is a dangerous feature. If a hacker gets root access on a client, he/she automatically has root access to the shared folders.
Maybe it’s better that you first define what you’re trying to achieve. Personally I don’t see the use of mounting an entire user homedir on one machine in another user’s homedir on another machine.
sergelli wrote:
> Mr. djh-novell
> My goal is to allow multiple users to use a system of programs that
> create and modify files with information from their sales operations.
[snip]
> I created a folder named TEST and changed the permissions of it to 777
> Using the client PC, within the TEST folder, I created the file
> client.txt
> Using the PC and server in the folder TEST. I created the file
> server.txt
> Below is the result of ls-l held in client PC
>
> Code:
> --------------------
>
> linux-l78t:/media/driveF/usr/TEST # ls -l /media/driveF/usr/TEST/
> total 8
> -rw-r–r-- 1 sergio 10001 21 Set 5 13:30 client.txt
> -rw-r–r-- 1 10001 10001 16 Set 5 13:31 server.txt
>
> --------------------
>
> The result is that the PCserver user can not edit client.txt and the
> PCclient user can not edit the file server.txt
> I’m sharing this folder with rw option, so I hope that all who are
> accessing can read and write., Is not it?
> How do I set up to give edit permissions for two users?
OK. This is a completely separate problem than your NFS problem. This
question is how can two or more users have write access to the same
files? You would have exactly the same question with multiple users on
the same machine, with no NFS at all.
Start with what other people have said: Make sure that each user has
their own UID and make sure that the UIDs are the same on all machines.
Now the way to solve your problem is to use GIDs. Make sure that every
user is a member of some group that has the same GID on every machine.
Let’s call the group ‘sales’.
So when a user saves a file it will have his UID & the sales GID
associated with it. All that is then necessary is to make sure that he
saves it with group write permission. Then all the other users will be
able to both read and write the document.
You typically make the files group writable by setting the users’ umasks
to 002 in their .login files or in the system one.
Alternatively, learn how to use ACLs to solve the problem. I’ve never
used them so can’t help there.
Thank you for the explanation. You are quite clear.
I made the necessary changes and now have the following situation:
In the PC server, I created the file “server.txt” and right now I have this result with ls -l:
[faturam@faturam TEST]$ ll
total 7
-rw-r--r-- 1 faturam live 2 2013-09-06 07:59 server.txt
The goal is to edit using the PC client, with the user sergio.
OK I did the editing and after, in the PC server, this is the result with the ls-l
[faturam@faturam TEST]$ ll
total 7
-rw-r--r-- 1 1001 live 239 2013-09-06 08:05 server.txt
But now, in PC server, the user “faturam” can’t not edit the file “server.txt”.
The faturam’s userid is “1001”,
Perfectly, I will try to change the programs to not be necessary to use the entire home directory on the PC server, and no longer will use “no_root_squash”.
If I use NIS, when I’m on the client PC, I’ll have to login as an existing user on the server?
Is this right or I misunderstood?
My God! if so, I’ll have to change a lot in my programs
NIS is not gonna solve your issues. Of course you can create a situation where you get it working but it will be miles away from the defaults.
My 2 cents: let the users with UID 1001 have the same name on both machines, i.e. both sergio or both faturam.
Another thing you could consider is to export the entire /home from the server, mount it on /home on the client(s). To do this without NIS, the users have to exist on both client(s) and server, and have the same UID’s. That’s the default and by far the easiest way. Yast allows you to change the username (just checked and did so with a testuser).
My God (again)
Now, in fact, I do not know what to do, please, an idea?
I did change the user config on both PCs, now they have the same name, same password, same UID number
Logged in the PC server, I created the file “server.txt”
[faturam@faturam TEST]$ ll
total 4
-rw-r--r-- 1 faturam live 2 2013-09-06 14:34 server.txt
Into client PC, I edited and save this file, and go back to server PC
[faturam@faturam TEST]$ ll
total 4
-rw-r--r-- 1 1001 live 32 2013-09-06 14:47 server.txt
As you can see, this is the result of editing done PC client
and the user name is changed to “1001” instead “faturam”.
and despite the uid being equal, same password, same uid number, in both PCs, the file was no write permission
But i can delete him
[faturam@faturam TEST]$ rm server.txt
rm: remover arquivo comum "server.txt" protegido contra escrita? s
[faturam@faturam TEST]$ ll
total 0
Please excuse me, but tell me how it is possible to solve this.