Fedora Servers :: NFS Shares Mount But Permissions Are All Nobody Nobody?
Apr 2, 2011
This morning my NFS shares mount but permissions are all NOBODY NOBODY. If I ssh to the server to check the drive(s) permissions are all as they should be! Exports there are fine as is my local fstab. I hope I am just suffering and update glitch because they usually go-away in a subsequent update.
I just spent an hour and a half trying to track it down with no success - time to give up before I do real damage (to which I am prone ).
I am the IT Manager at a research facility. We have a fairly unique network configuration in order to support all of the different projects we have going on. We have Red Hat, Ubuntu, Windows XP/Vista/7, Windows Servers 2003, Ubuntu servers, Red Hat servers, and even a few Netgear ReadyNAS and Buffalo Terastations. Over the last few years, I have been migrating all of my users and accounts to a single ACL list, which I chose to be a Windows AD 2003 server. 95% of my users work on Windows platforms and just use ssh tunnels to develop on our linux boxes.
However, i ran in to a problem with our Linux boxes not being able to symbolic link on my Windows 2003 file shares. Of course, this is a problem with Windows not supporting symbolic links. I know 2008 does support this feature, but given the economy and the budget restraints, we cannot afford to purchase the updates we would need, so now I am moving all of my shares to a Ubuntu 10.04 server using Samba. I have joined the server to my AD domain successfully, i can login using my AD credentials, and even assign ownership and group permissions using AD users/groups.
Here is my question.
I would like to keep the AD permission schemes intact. I have several shares that contain folders that have individual permission settings. For example, I have a /shared directory that contains about 50 different folders. Some of these folders I allow my users to write data to, some just read, and others I deny access to complete groups and just allow key groups to access (for example, personnel data should only be accessed by the Administrative staff).
Is there a way to make this work?
I can assign uid and gid manually per folder in Samba, but i would like to have the possibility to add multiple users and groups with permissions to folders, which I do not believe can be done with the standard chown commands. Currently, I can see the folder permissions from my Windows box, but when I try to edit the permission settings, it defaults back to full access. So my AD permissions are not being saved.
I've been trying to set up a Linux-only network and currently have a working DHCP, DNS, LDAP and NFS server, with a client that can authenticate with the LDAP server and a central /home folder.However, if I wanted to share folders on the NFS server, how would I make the share available to, for example, a particular group of users in the directory?I've never used NIS(+) on a network, but believe you can add a 'group' of users in the /etc/exports file--simples!Does anyone know of the best way to do it (even better anyone who is doing this in a production environment)?
I've a few group shares setup with samba and a PDC (using windows 7 clients) and the home directory for each user gets mounted automatically. I've configured group shares and only members of the respective group have access to them, but my question is how do I tell samba to automount group shares based on the user group?
I'm trying mount nfs shares on f11 to a f14 machine. They are all sub-folders of /media, they all have the same owner (me), same group (ditto) 0x777 protection set. In some cases I can see files in the sub folders but other folders remain hidden. here is a copy of my exports file
I currently mount my smb shares by adding the appropriate line to fstab. Now my son also uses my laptop (F13 by the way) and I would also like to automount the shares for him but as a different user because there are some directories he should not have access to.
I am unable to mount Windows shares on Fedora 12. From Nautilus, I can navigate to the shares, but when I attempt to open one I get a dialog "Password required for share ... on ..." asking for username (prepopulated with my username), domain (prepopulated with MYGROUP) and password. I have the same username on the Windows box, but when I enter the password and click Connect, the dialog just pops up again. I'm not sure what "domain" is, tried with my Windows workgroup name, no good. If I blank out either username or domain, the Connect button is disabled.
I tried using the mount command:mount -t cifs //192.168.0.2/... /tmp/mnt -o username=adrian,password=...,iocharset=utf8,file_m ode=0777,dir_mode=0777 That did work once, but now gives the useful error message:mount error(5): Input/output error Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) I can run Windows instead on the client machine, and that gives me access to the shares, no problem.
I have libsmbclient-3.4.5-55.fc12.i686, but that was installed a month ago. I don't see any more recent changes to anything relating to the samba client. I've never had to enter a password to access Windows shares. Actually, it looks like the problem may be on the Windows side, although as far as I know, nothing has changed there. Using smbclient with debuglevel set high, I see failures with this error:SPNEGO login failed: NT_STATUS_REQUEST_NOT_ACCEPTED Every now and again, I can connect to one or more shares, but after a few attempts, I can't connect to any more. Tried rebooting the Windows box, but that's had no effect. Oh, and "smbclient -L" shows domain as the host name of the windows box, but anonymous login (smbclient -L -N) shows domain as the workgroup name.
I've had my FC11 x86_64 installation up and running for 6 months. Until a week ago, I was able to mount windows shares through Nautilis using their netbios names. About a week ago, this all broke with no tinkering on my part. Now, I can mount the shares using the IP address, but not using the netbios name.
When I make he attempt either from scratch or by using a previously working bookmark, I get "cannot display location "smb:\..." When I browse the network using Nautilis I can see the workgroup, but when I try to open it, I get "unable to mount location. Failed to retrieve share list from server." When I use nmblookup with the netbios name, the correct ip adress is returned.
The problem seemed to correspond to a software update that occurred on 2009-11-21 that included updates to selinux-policy and selinux-policy-targeted. SE Linux has the System Default Enforcing Mode set to disabled. The system default policy type is set to targeted with no other options available.nsswitch.conf file appears to have been changed on the same date, but reverting back to the backup version of the file failed to solve the problem. Samba is up and running. My linux shares are accessible from my windows boxes. The firewall is open to smb and smbclient.
We are using spare parts (Socket 775 Biostar motherboard, OCZ 500wat PSU) to build a computer that will just be another system in the house. I want this system to be running Folding@Home, and the F@H SMP client for Linux is much less of a headache than its Windows couterpart, so I would like this computer to run Fedora. My dad loves networking, and knows how to do it in XP / Vista, so he has always opposed my frequent use of Linux. There are ways of accessing Windows shared folders from Linux, but that I haven't figured it out yet. I want to access Windows shared folders from my Fedora 10. I don't know how to go about doing this, can anyone point me in the right direction? Do I have to install anything special? I can go to Places, and then Network (in Gnome) and I see "Windows Network", but when I click it, I get "Unable to mount location Failed to retrieve share list from server"
I'm having some troubles with my samba shares on a fresh install of Fedora 10 x86_64 on my laptop. The laptop has only the KDE Desktop environment. I'm trying to share between this computer and my homebrew server via a wrt54g linksys router running DD-WRT firmware. The server is running Fedora 9 i386.
The shares on the server can be read by the laptop, and I have been consistently able to mount the server shares on the laptop using mount.cifs, but only when the firewall on the server is down. Shares are only visible between the machines when the firewall is down on the machine containing the share. I set up the shares using the system-config-samba tool, and the firewalls are both set to allow samba server and samba client. I can typically see the laptop from the server, but not the shares, and only when the laptop firewall is disabled. I can access the Laptop shares from the laptop. When trying to mount the laptop shares on the server, a warning message stating that the mount failed appears. Shares show up as correct in both the system-config-samba tool, and the KDE sharing tools. The share shows a "shared" icon in the dolphin browser.
From all that I know, the shares should work perfectly. I've searched the web, perused the man pages and how-to's, and combed through the forums, and everything I've found tells me that the shares should be working. Since they are not working, it leads me to believe that I must have made a mistake someone and not noticed it.
It's been awhile since I posted anything which is a good sign my install has been working well and I have been able to handle most everything. However, I'm not able to handle this issue. I recently installed F11 and everything went well. But, when trying to see my other computers on the local network, I cannot. I receive this error message: Unable to mount location Failed to receive shared list from server. I understand the message as it is obvious, but do not know how to fix it.
Something that has been in the pipleline at work for a while is user-based web directories. Main PDCs are running Windows Server 2003 using Active Directory, ideally what would happen is that users have a web share under [URL].. - the server behind this would be Linux (either Fedora or CentOS).
What kind of configuration would be needed for Apache to make this possible? The way I have planned so far is to have the Linux box auth against the AD domain (possibly joined), with Apache setup to share local public_html folders. Not sure how I can get rid of the tilde from the start of the username, but it should be pretty easy.
I had an older fedora box (I think it was Core 3) that acted as my file server in my small network (4). It worked fine when I had all XP clients connecting to it. Recently we decided to get all new computers. So now I have a fedora 10 box acting as my file/print server and all Vista Home premium computers as the clients. For the life of me I can not get samba to work. When I try to map the network drives on windows it will not let me authenticate. I install swat and try it that way, still no luck. Here is a copy of my smb.conf file:
Code: # Samba config file created using SWAT # from UNKNOWN # Date: 2009/05/19 21:47:31
[global] workgroup = AIVILANET server string = Bighat Samba Server interfaces = eth0 null passwords = Yes smb passwd file = /etc/samba/smbpasswd passdb backend = tdbsam username map = /etc/samba/smbusers syslog only = Yes announce version = 5.0 name resolve order = hosts wins bcast socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = CUPS wins support = Yes
[HP-LaserJet-1200] comment = HP LaserJet 1200 path = /var/spool/samba read only = No printable = Yes printer name = HP-LaserJet-1200 oplocks = No share modes = No
[printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No
[home] path = /home/savona/ username = savona valid users = @Users admin users = savona write list = savona force user = savona force group = savona read only = No hosts allow = 10.0.0.2
I've been using Ubuntu for about 2 years now, but still have trouble with some of the finer workings of linux. I have a laptop that I use for general computing, and a desktop hooked up to a TV as sort of a remote backup/htpc. A problem I run into is when I transfer files, they get transfered with the owner set as the original computer's account, and I can't do anything until I open a remote viewer and gksudo nautilus to change the permissions of the file. I looked at articles about permissions and uid's, gid's, and umask but can't figure out how to apply it to my situation.
I thought about doing something with groups but am not sure exactly what, and anyway, default group settings only give read access and what I'm really looking for is the ability to manipulate files and folders across the entire /home dir on my desktop from my laptop. Desktop is running 8.04 and laptop is running 9.10. BTW I am currently sharing through smbfs. I read that this has been replaced by cifs, but at the moment I would prefer not the mess with things if I don't need to.
I have a Natty headless server that I would like to set up shared directories and grant specific users write permissions. I use a Windows 2008 R2 machine with Active Directory for authentication and have created a group GroupWithWriteAccess which I want to have write access to the shared directory. I want all other users to have read only access. I have edited my smb.conf file with the following
The machine is fully setup to work with Windows authentication and I can access shares from the ubuntu machine, it's just sharing local directories with the correct permissions that I can't work out. So far I can access the files from my other machine, but I do not have write access even though I am logged on as a user who is a member of GroupWithWriteAccess.
i have 3 shares on my samba. i have users - user, manager and boss projects is RW to everyone reference is R to everyone RW to manager and boss Proposals is RW only to boss, no access to others However when boss logs in and creates a directory in projects share, the directory can only be renamed bu users and manager, and directory contents are read only for users and managers, even deletion / rename is denied. How can i make sure that when ever boss creates a directory in projects, it retains base folder permissions and is writable to user this is my samba file... i am using red hat 6.1 with samba 3.5.6 (i think)
I am trying to setup fstab to automatically mount my NTFS partitions. I have used various Mount managers to create the entries in fstab. The fstab seems fine, but when mounting at boot or even via Nautilus I get the error message that I do not have permission to mount the disk.
1) Can this permission be set in the fstab file? If so what is the syntax of the fstab entry?
2) If not, is there a tool i.e. GUI to set the mount permissions?
I have a web server set up, and for a while I just let it show the default "test" page, but now I am wanting to actually show something of my own.
I downloaded a couple templates from the internet (free ones), and copied the first one to the /var/www/html folder (including subfolders for ./images and such), and it used an index.php file, but when viewing in my browser, it showed the actual text of the file, not the graphics and images and stuff.
So I deleted those files and "installed" the second template, which uses an index.html file instead.
I am once again getting the default "Apache is running but not configured" page again, even though I have verified multiple times that the index.html file is located in /var/www/html
if I include the index.html file in the path to my website, I get a 403 Forbidden, so I'm thinking it has to do with file ownership or permissions.
I placed the files there as "root", and have tried several combinations of possible permissions (root:root is the owner:group) without any luck.
Im running samba on fedora core 7, im abit new to the server part of fedora, i set up samba and it runs well, only issue i have now is resolving permissions( User Rights)i have a shared folder which has alot of files and many subfolders in it, the files and folders in this shared foldr were copied from our old Novell Server through samba, i need to assign permissions to this folder where by a defined usergroup can have full read and write permissions to all the files and folders and sub-folders in the shared folder. i tried doing it in GUI but i realized there were over 1000 subfolders.is there a command i can run in the Terminal to help me assign the permissions?
I'm rather new to Fedora server, but I'm attempting to run a music FTP server, where anonymous users can submit songs into one particular folder (so i can personally tag them), while other user accounts have full read-write. Here we go: I 2 directories, /music and /untagged
I want anonymous users to be able to read both directories, but only be able to upload to /untagged, and not be able to delete anything. I want users that I select to have full read-write-create-delete privileges. how would I go about this with vsftpd?
How can I set permissions for users within the share? Example: I have a share called Programming and some user can create folders within it most others can not, can read the documents. How do I set permissions?
From Konqueror/Dolphin is possible to access samba shares. If your computer is joined to a Active Directory domain and you use a domain user, you can access samba shares with smb://server.domain/share and you are not ask for user/pass (you use a kerberos tiquet). Kde programs as Amarok, K3b, ... can access files in samba shares without problem. But other programs, specially gnome programs (including the popular OpenOffice), are unable to use files in a samba share. If instead of using Konqueror/dolphin you use Nautilus, there is no problem because it maps the share to a local folder ($HOME/.gvfs/share in sever/) and the program are able to access files in samba shares without problems as the folder is mounted locally (as if you use cifs.mount). Its a problem to use konqueror/dolphin and have to change to nautilus to access samba shares.
If you use Windows you can mount it in an easy way. That's what I try to do from konqueror, not having to open a konsole and be able to mount the share in an easy way. I've tried with smb4k, but is has not worked for me (tried in 2 OpenSuse 11.3 and 1 opensuse 11.2). What Nautilus does when accessing a samba shares like smb://server.domain.dom/share is to execute the command: [URL]... What I try is to do the same, but just form Konqueror/Dolphin. I'd like to add a button to Konqueror/dolphin that pressing the button and if the URL points to a samba share, the share is mounted in $HOME/LocalNetwork/server/share. As I say, it can be as easy as executing the gvfs-mount, but don't know how.
I'm mounting a Windows share using the following in Ubuntu: mount -t cifs username=MYUSER,password=1234 //192.168.1.5/myshare /mnt/windows_share
This works fine, but I would like to mount the share using the computer's hostname, not the IP. I can ping the hostname fine, but I mounting using the hostname instead of the IP does not work. The share cannot be found.
In Windows, I can access the share as \COMPUTER\myshare, and using Nautilus in Ubuntu, I can connect to //COMPUTER/myshare, but I can't use the name in the mount command.
For some strange reason, I can't seem to be able to mount the nfs share from my FreeNAS system on SL6. I'm able to do it just fine from Ubuntu 10.04, Linux mint 9, Fedora 14, CentOS 5.5, and OS X Snow Leopard, so it has to be something specific to SL6. The below command does not work: mount freenas:/mnt/share /test.
I get a mount.nfs error message that says "requested NFS version or transport protocol is not supported." I also tried this command which yielded the same result: mount -t nfs FreeNAS:/mnt/share /test Am I doing something wrong or is this just a bug with SL6?
I've created a mysql user and he can connect Joomla to mysqld when everyone has full permissions to the mysql homedir but I know this is bad from a security standpoint. If I set mysql user as the only one with permissions then I can't connect. I know Joomla support is not very help from past experience, wish I could dump it for something else but it does work great once it is configured so I need to keep it around, can anyone make a guess as to what permissions I need to have set on mysql's home dir so that joomla can still connect yet I am more secure than now?
Unix permissions 000 given to directories.I m testing Netatalk 2.0.5 on my fedora machine with afpfs-ng. I m using afpcmd command to access the volumes on the netatalk server. the directories that i m creating via afpcmd are being created with permissions 000. I cannot browse thru them.
I'm running sid, and doing weekly updates. Recently I've been unable to mount nfs shares on one of my home computers. I haven't changed any settings, and nfs works fine on the other computers on my small home network. I suspect an update messed something up with nfs.