luk
Cadet
- Joined
- Dec 10, 2020
- Messages
- 6
I've spent today trying to make my NFS share only have root the permission to write, while also having the ability to read/execute as non-root which didn't work out for me.
I have a data set at Storage - Pools. In "Edit Permissions" The owner is root and group set to wheel. In here I've tried changing user, groups, etc a lot with no luck. Access is currentely set to read and execute for both User and Other. Notice how I didn't have write checked, yet I can write to my NFS share. However if I uncheck everything I can't access the share as regular user, it's as if only the write option doesn't work?
In "Sharing - NFS - Edit" I have all dirs and Enabled checked and Map root User set to root.
Taking a look at it from my system all seems to be correct:
In this directory I can only view files as a regular user, can't write (this is what I want). However if I cd into any directory, I now have full read/write permission when I shouldn't, why?
I've tried using various chmod, chgrp, chown commands on a few of my directories and nothing seemed to change. One thing to note is that when I create a new file here it seems to reveal what the true permissions are:
This is the commad I use to mount the nfs share:
sudo mount -t nfs 192.168.1.22:/mnt/pool10TB/dataset /mnt/NFS-SHARE
My previous smb share had these options:
//192.168.1.22/dataset /mnt/smb-share username=usr,password=pass,dir_mode=0705,file_mode=0705,iocharset=utf8,vers=3.0,mfsymlinks
I'm aware that NFS don't work the same way when it comes to username and pass, but I want to have the local user permissions. I'm to scared to use it as is cause I know I'm going to accidentally delete the whole share. What have I missed, or got wrong? Thanks for reading!
I have a data set at Storage - Pools. In "Edit Permissions" The owner is root and group set to wheel. In here I've tried changing user, groups, etc a lot with no luck. Access is currentely set to read and execute for both User and Other. Notice how I didn't have write checked, yet I can write to my NFS share. However if I uncheck everything I can't access the share as regular user, it's as if only the write option doesn't work?
In "Sharing - NFS - Edit" I have all dirs and Enabled checked and Map root User set to root.
Taking a look at it from my system all seems to be correct:
luk@arch-pc:/mnt$ ls -lad NFS-SHARE/*
d-----x--- 14 root root 15 Jan 9 04:11 NFS-SHARE/dir1
d-----x--- 25 root root 28 Dec 2 01:28 NFS-SHARE/dir2
drwx------ 5 root root 5 Jan 9 04:12 NFS-SHARE/dir3
d-----x--- 5 root root 5 Sep 13 05:01 NFS-SHARE/dir4
d-----x--- 18 root root 20 Oct 12 01:26 NFS-SHARE/dir5
d-----x--- 7 root root 7 Jan 20 2021 NFS-SHARE/dir6
d-----x--- 9 root root 9 Mar 15 2021 NFS-SHARE/dir7
d--------- 9 root root 10 Nov 9 03:14 NFS-SHARE/dir8
d-----x--- 10 root root 10 Nov 9 03:05 NFS-SHARE/dir9In this directory I can only view files as a regular user, can't write (this is what I want). However if I cd into any directory, I now have full read/write permission when I shouldn't, why?
luk@arch-pc:/mnt/NFS-SHARE/dir1$ ls -lad *
d-----x--- 4 root root 7 Nov 21 04:15 NFS-SHARE/dir1/dir1
d-----x--- 6 root root 6 Oct 30 03:22 NFS-SHARE/dir1/dir2
d-----x--- 3 root root 32 Oct 18 17:53 NFS-SHARE/dir1/dir3I've tried using various chmod, chgrp, chown commands on a few of my directories and nothing seemed to change. One thing to note is that when I create a new file here it seems to reveal what the true permissions are:
luk@arch-pc:/mnt/NFS-SHARE/dir1$ touch test
luk@arch-pc:/mnt/NFS-SHARE/dir1$ ls -la
total 75
drwx------ 5 root root 6 Jan 9 04:35 .
drwx---r-x 13 root root 12 Jan 9 03:59 ..
d-----x--- 4 root root 7 Nov 21 04:15 dir1
d-----x--- 6 root root 6 Oct 30 03:22 dir2
d-----x--- 3 root root 32 Oct 18 17:53 dir3
-rwx--x--- 1 luk root 0 Jan 9 04:35 testThis is the commad I use to mount the nfs share:
sudo mount -t nfs 192.168.1.22:/mnt/pool10TB/dataset /mnt/NFS-SHARE
My previous smb share had these options:
//192.168.1.22/dataset /mnt/smb-share username=usr,password=pass,dir_mode=0705,file_mode=0705,iocharset=utf8,vers=3.0,mfsymlinks
I'm aware that NFS don't work the same way when it comes to username and pass, but I want to have the local user permissions. I'm to scared to use it as is cause I know I'm going to accidentally delete the whole share. What have I missed, or got wrong? Thanks for reading!
