On Wed, 14 Oct 2015, Carlos E. R. wrote:
On 2015-10-14 19:49, Xen wrote:
I'm currently trying to have an NFS mount not have rwxrwxrwx.
Now that's strange, I never got those.
The visible permissions are controlled at the server machine, not at the client. And it is just about changing the permissions there.
Yes that's what I said at the end, how convenient for you to have missed that. Make me look like a moron again. Heh? ;-).
And once you mount the share at the client, it is just like a normal, local, directory, so just change them.
Aye, I figured that. But. The issue is. I am having to think up a strategy where the remote group policy coincides with the local group policy, that's one. But on the remote system there are two user groups: users at 50, and administrators at 101 or something. Error, users at 100. And any additional group you add gets 65536+. I wanted to use or abuse the staff group for something at 50, but that won't work since the remote system won't have that. So first I will need probably to mirror the 65536 group locally. Just give it a name. "Friends". Or "Home". Or "Trusted". Then, apparently, the remote umask, at least for samba shares, is set to .... zero. So that's where the rwxrwxrwx comes from. I will first have to change everything to rwxrwxr-x. At least for folders. Then, these remote users don't exist locally. What to do. I can create them. I can also sync my remote user UID with the local one. I don't know, I was going to ask on the Syn forum but it takes time to do that and get an answer, if any. If it was a samba share all files would just have a single owner. Which would make it easy to create or control access from mhere. Then, if samba mounted, the effective samba user would be the one changes on the remote filesystem would be attributed to. So that is easy in that regard. Now I'm having to.... decide or devise whether... you know. The remote files may have various owners. If I want any process to operate on these shares as a whole (say a cloud software for the web) it must (a) preserve ownership and (b) be part of a group that has write access (for instance). But I don't think it will play nice. It wants to have its own store etc. In the remote system, files are created using the logged-in user. But in this cloud thing, they are created with www-data. You don't have access to it, normally. Open source, yay. Never thinking about real use cases. That's of course because the cloud users are not real system users. But they are on the remote system. Much better, in that regard, I think.... I don't want to use samba because I perceive the performance and reliability will be much better with NFS in other regards. But this having to sync users is a problem. For instance, I don't even *want* my remote user to exist on the local system. But now they are really just numerics, and in any case, nonsense. It is the same with extracting (with root user) a tarball on a different system. The users will be "garbled". These users must stay different. At the same time I want the entire share (this one) to be accessible just under my default user in the local system. With samba this is possible. That would greatly ease or alleviate the problems with getting it to work with the cloud thing. I don't want these systems to be "as one" :(. What use do I have for those remote users. The remote collection is not user owned anyway, more group owned. A shared thing, even if I'm the only person currently :P. As I have been for numerous decades. But anyway. A person has the right to believe right. What you'd get then with remote access is that the owner of something might change (not common, but possible). The only way out of that is to have the cloud thing use real users and then make the users the same as well. Buh... Even if I didn't use a cloud I would still need to have users for those files. Maybe I just shouldn't try to export or expose my collection in this way. Why require 2 diffent cloud interfaces, right. So what you do is create a dedicated share for the *current* collection (the cloud thing) and use it as as data store for that. Or, you use that dedicated share as a backup of it, which is the same thing really. Now with NFS you STILL need to have identical users. Either the local system will write to it and the remote system won't (I'm the one using the mount) and the remote system will see unknown users as owners. Or, ..well. I guess it should not be changed on the remote host (the real host). This is nearly impossible to get right. Even if I get local capacity I want it to be synced to a backup share. But then collections will differ and diverge. I guess that's unavoidable, they are two different systems. I have to go do something else though. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org