The only reason I can think of is root squash. What "id -a" on client show? Any change when exporting with no_root_squash? Отправлено с iPhone
26 окт. 2015 г., в 16:22, Carlos E. R. <robin.listas@telefonica.net> написал(а):
On 2015-10-26 07:33, Andrei Borzenkov wrote:
On Mon, Oct 26, 2015 at 9:20 AM, Carlos E. R. <> wrote:
And what user/group owner does it show this time? "ls -l /data/hoard"?
Unchanged:
Telcontar:~ # mount -v /data/hoard mount.nfs: timeout set for Mon Oct 26 13:50:07 2015 mount.nfs: trying text-based options 'vers=3,addr=192.168.1.15' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 192.168.1.15 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=17 mount.nfs: trying 192.168.1.15 prog 100005 vers 3 prot UDP port 20048 Telcontar:~ #
Telcontar:~ # l /data/hoard/ total 100 drwxr-xr-x 5 root root 94 Sep 26 2014 ./ drwxr-xr-x 21 root root 4096 Sep 9 2014 ../ drwxr-xr-x 7 cer users 97 Oct 24 2014 Downloads.cer/ drwxr-xr-x 5 cer users 4096 Jan 18 2015 Moria.cer/ drwxrws---+ 6 john cosas 4096 Nov 1 2014 TheHoard/ -rw-r--r-- 1 root root 86165 May 24 2014 remote_log Telcontar:~ # ls -ln /data/hoard/ total 96 drwxr-xr-x 7 1000 100 97 Oct 24 2014 Downloads.cer drwxr-xr-x 5 1000 100 4096 Jan 18 2015 Moria.cer drwxrws---+ 6 1011 1010 4096 Nov 1 2014 TheHoard -rw-r--r-- 1 0 0 86165 May 24 2014 remote_log Telcontar:~ # Telcontar:~ # getfacl /data/hoard/TheHoard/ getfacl: Removing leading '/' from absolute path names # file: data/hoard/TheHoard/ # owner: john # group: cosas # flags: -s- user::rwx user:wwwrun:r-x group::rwx mask::rwx other::---
On the server:
cer@AmonLanc:~> l /data/hoard/ total 100 drwxr-xr-x 5 root root 94 Sep 26 2014 ./ drwxr-xr-x 5 root root 4096 Oct 2 20:36 ../ drwxr-xr-x 7 cer users 97 Oct 24 2014 Downloads.cer/ drwxr-xr-x 5 cer users 4096 Jan 18 2015 Moria.cer/ drwxrws---+ 6 john cosas 4096 Nov 1 2014 TheHoard/ -rw-r--r-- 1 root root 86165 May 24 2014 remote_log cer@AmonLanc:~> ls -ln /data/hoard/ total 96 drwxr-xr-x 7 1000 100 97 Oct 24 2014 Downloads.cer drwxr-xr-x 5 1000 100 4096 Jan 18 2015 Moria.cer drwxrws---+ 6 1011 1010 4096 Nov 1 2014 TheHoard -rw-r--r-- 1 0 0 86165 May 24 2014 remote_log cer@AmonLanc:~> getfacl /data/hoard/TheHoard/ getfacl: Removing leading '/' from absolute path names # file: data/hoard/TheHoard/ # owner: john # group: cosas # flags: -s- user::rwx user:wwwrun:r-x group::rwx mask::rwx other::---
cer@AmonLanc:~>
I just created a new directory on the server:
drwxrws---+ 6 john cosas 4096 Nov 1 2014 TheHoard/ drwxr-xr-x 2 john cosas 6 Oct 26 13:58 test/ AmonLanc:/data/hoard #
drwxrws---+ 6 1011 1010 4096 Nov 1 2014 TheHoard/ drwxr-xr-x 2 1011 1010 6 Oct 26 13:58 test/
john@AmonLanc:/data/hoard> getfacl test # file: test # owner: john # group: cosas # flags: -s- user::rwx group::r-x other::r-x
john@AmonLanc:/data/hoard>
I can access it just fine on the client:
Telcontar:~ # ls -ln /data/hoard/test total 0 Telcontar:~ #
Now I activate sticky bit:
john@AmonLanc:/data/hoard> l -n total 100
drwxrws---+ 6 1011 1010 4096 Nov 1 2014 TheHoard/ drwxr-sr-x 2 1011 1010 6 Oct 26 13:58 test/ john@AmonLanc:/data/hoard>
On the client:
Telcontar:~ # ls -ln /data/hoard/test total 0 Telcontar:~ # ls -ln /data/hoard/TheHoard/ ls: cannot open directory /data/hoard/TheHoard/: Permission denied Telcontar:~ #
The only difference I see is the "mask" on the ACLS of directory "TheHoard" :-?
Ah, no, "others" have access. Removing.
john@AmonLanc:/data/hoard> chmod o-r-x test john@AmonLanc:/data/hoard>
Telcontar:~ # ls -ln /data/hoard/test ls: cannot open directory /data/hoard/test: Permission denied Telcontar:~ #
That's it!
Ok, Mr Root is not in the proper group. But my user is:
cer@Telcontar:~> ls -ln /data/hoard/test ls: cannot open directory /data/hoard/test: Permission denied cer@Telcontar:~>
cer@Telcontar:~> grep cosas /etc/group cosas:x:1010:cer,moriarty,john cer@Telcontar:~> ls -ln /data/hoard/test ls: cannot open directory /data/hoard/test: Permission denied cer@Telcontar:~>
In the machine that this works, I changed the name of the group. I'll try that. [...] No difference.
Oh, well...
-- Cheers / Saludos,
Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org