| 1 |
Thanks Sami! |
| 2 |
|
| 3 |
On 4/3/06, Sami Samhuri <sami@××××××××××.com> wrote: |
| 4 |
> Mark Knecht wrote: |
| 5 |
> > Hello, |
| 6 |
> [...] |
| 7 |
> > There have been no changes or updates of any kind to the remote |
| 8 |
> > machine that has the NFS directory exported. Normal updates have been |
| 9 |
> > occurring on my AMD64 machine so presumably the problem is on this |
| 10 |
> > machine as none of the remote files are writable anymore. One thing I |
| 11 |
> > notice is that on the remote machine there are some directories and |
| 12 |
> > files which have user names and some which only have numbers like 501, |
| 13 |
> > 502, etc. |
| 14 |
> > |
| 15 |
> > Where would I start looking for what's changed? |
| 16 |
> |
| 17 |
> The file system stores a user id for the owner and group. ls looks up the user |
| 18 |
> id in /etc/passwd and shows you the username instead. You can make ls show user |
| 19 |
> id's instead of names with `ls -ln`. |
| 20 |
|
| 21 |
OK, I basically knew this... |
| 22 |
|
| 23 |
> |
| 24 |
> When you see numbers such as 501 in the directory listing that means the user or |
| 25 |
> group who had that user id is not found in /etc/passwd or /etc/group. |
| 26 |
|
| 27 |
OK, that means it's using the passwd file local to that specific |
| 28 |
machine then. Here's what I have: |
| 29 |
|
| 30 |
NFS Server: Only one user account: |
| 31 |
|
| 32 |
mythtv:x:1000:100::/home/mythtv:/bin/bash |
| 33 |
|
| 34 |
MythTV Backend Server: 3 user accounts: |
| 35 |
|
| 36 |
mark:x:500:100:Mark:/home/mark:/bin/bash |
| 37 |
evelyn:x:501:100:Evelyn:/home/evelyn:/bin/bash |
| 38 |
matt:x:502:100:Matt:/home/matt:/bin/bash |
| 39 |
|
| 40 |
AMD64 machine: 2 user accounts: |
| 41 |
|
| 42 |
mark:x:1000:100::/home/mark:/bin/bash |
| 43 |
matt:x:1001:100::/home/matt:/bin/bash |
| 44 |
|
| 45 |
> |
| 46 |
> The user id's on all the machines you use with NFS have to be the same. I found |
| 47 |
> this in the HP-UX documentation via google: |
| 48 |
> |
| 49 |
> >>>> From: http://docs.hp.com/en/5991-1153/ch02s01.html#bghdjbfa |
| 50 |
> |
| 51 |
> To Set User IDs and Group IDs (if neither NIS nor NIS+ is used) |
| 52 |
> |
| 53 |
> * Create one /etc/passwd file and one /etc/group file that contain all the users |
| 54 |
> and groups on the network, and then copy these files to all the machines on the |
| 55 |
> network. |
| 56 |
> |
| 57 |
> or |
| 58 |
> |
| 59 |
> * Edit the /etc/passwd and /etc/group files on each machine to ensure that the |
| 60 |
> following conditions are true: |
| 61 |
> |
| 62 |
> o Each user has the same user ID on all machines where that user has an account. |
| 63 |
> |
| 64 |
> o No two users anywhere on the network have the same user ID. |
| 65 |
> |
| 66 |
> o Each group has the same group ID on all machines where that group exists. |
| 67 |
> |
| 68 |
> o No two groups on the network have the same group ID. |
| 69 |
> |
| 70 |
> When users request NFS access to remote files, their user IDs and group IDs are |
| 71 |
> used to check file ownership and permissions, just as they are locally. |
| 72 |
> |
| 73 |
> If a user has one user ID on an NFS client and a different user ID on an NFS |
| 74 |
> server, the server will not grant the user access to his or her files on the |
| 75 |
> server, because it thinks the files belong to someone else. |
| 76 |
> |
| 77 |
> If a user on one machine has the same user ID as a user on another machine, one |
| 78 |
> user may gain access to the other user's files. |
| 79 |
> |
| 80 |
> >>>> |
| 81 |
> |
| 82 |
> Perhaps your user ids don't match. I've been bitten by this before sharing |
| 83 |
> between Mac OS X, Gentoo, and Ubuntu. Hope this helps. |
| 84 |
|
| 85 |
OK, I think you've hit on a potential problem here. Problem is what is |
| 86 |
the best way to address this on machines that have been running for a |
| 87 |
long time? Can I safely edit /etc/passwd and /etc/group and then do |
| 88 |
chown -R commands to change the ownership of files on the systems |
| 89 |
after I make all the IDs and groups identical? |
| 90 |
|
| 91 |
Thanks, |
| 92 |
Mark |
| 93 |
|
| 94 |
|
| 95 |
> |
| 96 |
> -- |
| 97 |
> Sam |
| 98 |
> -- |
| 99 |
> gentoo-amd64@g.o mailing list |
| 100 |
> |
| 101 |
> |
| 102 |
|
| 103 |
-- |
| 104 |
gentoo-amd64@g.o mailing list |
Archives