permissions using NFS mounts

[steve_77]

Ok so I'm running into a few issues and have a few questions. I am using NFS shares and when my freenas share is mounted via NFS - on another machine as root and as regular 'users' I can "touch" (create file) on the nas file-system - but if i try to copy directories I can only do that as root.

1) Is there a way to import users and groups into freenas using yp ? -(Im not even sure if this would alleviate this problem)


also to complicate things on frennas user id's start at 1000+

on my other system users id's start at 500...
& there are many users and different groups... perhaps even ISCSI might be a better solution, as we need "walled garden" approach for the permissions on the pool

 

[ProtoSD]

1) Is there a way to import users and groups into freenas using yp ? -(Im not even sure if this would alleviate this problem)

NO

frennas user id's start at 1000+

You can edit users and change their UID's to anything you like so they match your other UID's. Just be sure they are not in use by another FreeNAS user already. Go to:

Account -> Users -> View All Users

if i try to copy directories I can only do that as root

Look at your permissions for your volume here (Web GUI):

Storage -> Volumes -> Change Permission

Hope that helps!

 

[steve_77]

You can edit users and change their UID's to anything you like so they match your other UID's. Just be sure they are not in use by another FreeNAS user already. Go to:

Account -> Users -> View All Users

too many users to do this with... then find out what each users existing password is and add that in... thats not happening. :(


I got around the directory problem by setting the volume permissions to "nobody:users" (instead of "root:users") while making sure the gid for users on freenas matched my other system... i can copy and make directories, and it looks like the system is honoring the permissions of the directory 'owner' but not those of the group.

so say i have 2 users on remote system which has the freenas volume mounted as nfs

remote sys:
bob uid=511 gid(users)= 100
joe uid=512 gid(users)= 100


freenas sys
*(see note) gid(users)= 100



and on the remote machine via nfs :

as "joe" i copy come files to the nas and see them.. do an # ls -alrt

drwxrwxr-x 4 joe users 4 Jul 20 13:07 ..
drwxrwxr-x 4 joe users 4 Jul 20 13:07 .
drwxrwxr-x 3 joe users 3 Jul 20 13:07 racoon

i chown the directory (non recursive) to 'bob' just in case (shouldnt have to) & do



# ls -alrt

drwxrwxr-x 4 joe users 4 Jul 20 13:07 ..
drwxrwxr-x 4 bob users 4 Jul 20 13:07 .
drwxrwxr-x 3 joe users 3 Jul 20 13:07 racoon


so technically even though 'joe' owns 'raccoon' - 'bob' has group permissions to write...


so i come in as 'bob' now who is also in the same group, yet cannot change the file 'racoon' - read-only for some reason...???


* note - i tried repeating this test - creating dummy users "joe" and "bob" on the freenas with same uid to no avail.... but as i said i cant add in all the users anyhow... so after it was determined that having the same people as users with matching gid & uid on freenas box didn't matter those users were removed - although the group is still there.

 

[ProtoSD]

Steve,

What version of FreeNAS are you running? 8.0? They just fixed a bunch of permission related problems (or at least tried to) in 8.01 beta4 I believe. This might be one of those problems that was fixed, or maybe not if you're already using beta 4. There's still no easy way to import a large number of users like you want.

 

[steve_77]

using 8.0 --

was thinking of testing out the new 8.01 beta - but didnt know if i had to do fresh install or if I can use the firmware upgrade gui...

 

[ProtoSD]

If you're going from 8.0, I think the recommend method is to upgrade from the CD. It recognizes you already have FreeNAS installed and asks if you want to upgrade. The upgrade from the GUI isn't ironed out completely yet.

 

[steve_77]

thanks for the tip on using upgrade CD iso... that part was nice and painless

however i'm still have the same issues.... with 8.01-B4 Although things are better - the filesystem does not properly honor owner/group permissions :(