User permissions in NFS mounted directory

  • I have oracle linux 6.7, a NFS server in Windows, and I am trying to mount a shared folder in Linux.

    The Windows NFS server has a shared mount :

    192.168.1.10:/OracleBK
    

    In my oracle linux server, I created a folder , /orabackup and the oracle user from oinstall group is the owner of this folder :

    mkdir /orabackup
    chown -R oracle:oinstall /orabackup
    chmod -R 777 /orabackup
    mount -t nfs -o rw 192.168.1.10:/OracleBK /orabackup
    

    The /etc/fstab corresponding line is

    192.168.1.10:/OracleBK /orabackup nfs defaults 0 0
    

    The command for mounting the folder used is :

    mount /orabackup
    

    Now , the "orabackup" folder is mounted .

    However the oracle user cannot read and write, and needs read and write permissions to this directory. The root user can read and write.

    What should be done to give full permissions to the oracle user ?

    If it is a NFS server in Windows, then please add to the post the product/software that allows you to do that.

  • NFS checks access permissions against user ids (UIDs). The UID of the user on your local machine needs to match the UID of the owner of the files you are trying to access on the server.

    I would suggest to go to the server and look at the file permissions. Which UID (find out with id username) do they belong to and which permissions are set?

    And if you are the only one accessing the files on the server, you can make the server pretend that all request come from the proper UID. For that, NFS has the option all_squash. It tells the server to map all request to the anonymous user, specified by anonuid,anongid.

    Add these options: all_squash,anonuid=1026,anongid=100 to the export in /etc/exports.

    Be warned though, that this will make anyone mounting the export effectively the owner of those files.

    My NFS server , is windows base and for NFS on windows , we set permissions for ip od my linux os.

    You should have stated in your question.that your NFS was actually Windows.

    /etc/exports file is for nfs server and in nfs server we should configure it . in client , we should not add any line to this file .is it true ?

    @monsune is it necessary to match UIDs ?? wont it work when only GIDs match ??

  • You set the attributes on the mount point, and they don't count for much.  You need to do

    chown -R oracle:oinstall /orabackup
    chmod -R 777 /orabackup
    

    again (as root) after mounting /orabackup, to set the attributes of the shared folder.

    after mount , when i write chown -R oracle:oinstall /orabackup , this error is raised : [[email protected] ~]# chown -R oracle:oinstall /orabackup/ chown: changing ownership of `/orabackup/': Permission denied

    I agree with monsune: the fact that your NFS server is Windows-based complicates matters.  Can you look into the documentation of the NFS server software to see whether there is any way to change the ownership of the directory from the Windows box, and/or to allow the "root" user on the client to have full access to the shared folder?

    root user can read and write on this directory . but i want to get permission to oracle user .

    My point is that, according to your previous comment, root doesn't have permission to do `chown`.  Maybe "full access" was the wrong way to phrase that; I meant "full rights" or "full privileges".

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM