I Guess I Don't Understand NFS As Well As I Thought
Doug Hardie
bc979 at lafn.org
Sat Nov 24 23:13:56 UTC 2012
On 24 November 2012, at 14:37, Tim Daneliuk wrote:
> On 11/24/2012 03:25 PM, Doug Hardie wrote:
>>
>> On 24 November 2012, at 12:32, Tim Daneliuk wrote:
>>
>>> Can someone kindly explain what is going on here:
>>>
>>> Machine A: FreeBSD - was running 8, just upgraded to 9.1-PRE
>>> (I don't recall seeing the behavior described below
>>> in V8, but then, I don't think I ever tried it).
>>>
>>> Machine B: Linux Mint Desktop
>>>
>>> - Machine A acts as an NFS server for Machine B.
>>>
>>> - Machine A exports a particular directory like this:
>>>
>>> /usr/foo -maproot=myid -network ...
>>>
>>>
>>> - /usr/foo/bar is owned by root on Machine A and has files therein
>>> owned as root:root with permissions of 600.
>>>
>>> - If I access /usr/foo/bar/file1 from Machine B, I cannot read it
>>> but - and this is the part I don't get - I CAN *rename* it.
>>>
>>> What's going on? Since /foo/bar/ is owned by root and everything
>>> in it is 600 root:root, I would not expect a remote access to allow
>>> things like renaming. Clearly I am missing something here, but I
>>> don't get it.
>>
>> What are the permissions on the directory /usr/foo/bar?
>
> 775
>
>
> Let me correct something. The files in that directory are
> owned by root:wheel (not root:root - I got my *nixes
> confused), but they definitely have 600 perms.
>
> On Machine A, user 'myid' is IN the wheel group but I still
> don't see how he's getting permission to rename the file.
Renaming a file does not change the file itself. It updates the directory. Any user in group wheel has the authority to write to the directory (e.g., change a file's name). The directory permissions are rwx for group wheel. You can either try a user on machine B who is not in group wheel or change the directory permissions to 755 on /usr/foo/bar. Then it would work as you expect.
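
The check described in the reply above, as an added example that is not part of the original thread: a small model of the POSIX mode-bit decision for reading a file versus renaming it inside its directory. The numeric ids (root = 0, wheel = 0, myid = 1001) and the sticky-bit case are assumptions added for illustration; the modes 775, 755 and 600 come from the thread.

```python
import stat
from collections import namedtuple

# Same field names as os.stat_result, so real os.stat() output also works.
Node = namedtuple("Node", "st_uid st_gid st_mode")

def triad(node, uid, gids):
    """Return the rwx bits (0-7) applying to the caller: owner, else group, else other."""
    if uid == node.st_uid:
        return (node.st_mode >> 6) & 7
    if node.st_gid in gids:
        return (node.st_mode >> 3) & 7
    return node.st_mode & 7

def can_read(file, uid, gids):
    """Reading file contents is decided by the file's own mode bits."""
    return uid == 0 or bool(triad(file, uid, gids) & 4)

def can_rename(directory, file, uid, gids):
    """Renaming within one directory needs write+search on the directory, not the file."""
    if uid == 0:
        return True
    if triad(directory, uid, gids) & 3 != 3:
        return False
    # Sticky directory (as on /tmp): only the file's or the directory's owner may rename.
    if directory.st_mode & stat.S_ISVTX:
        return uid in (file.st_uid, directory.st_uid)
    return True

# Constructed ids (assumptions): root uid 0, wheel gid 0, 'myid' uid/gid 1001.
ROOT, WHEEL, MYID = 0, 0, 1001
MYID_GROUPS = {1001, WHEEL}            # 'myid' is in wheel, as stated in the thread

FILE1 = Node(ROOT, WHEEL, 0o100600)    # /usr/foo/bar/file1, root:wheel 600
DIR_775 = Node(ROOT, WHEEL, 0o040775)  # /usr/foo/bar as exported
DIR_755 = Node(ROOT, WHEEL, 0o040755)  # after the suggested chmod 755
DIR_STICKY = Node(ROOT, WHEEL, 0o041775)  # assumption: 775 plus sticky bit

if __name__ == "__main__":
    print("read file1:          ", can_read(FILE1, MYID, MYID_GROUPS))
    print("rename in 775 dir:   ", can_rename(DIR_775, FILE1, MYID, MYID_GROUPS))
    print("rename in 755 dir:   ", can_rename(DIR_755, FILE1, MYID, MYID_GROUPS))
    print("rename, not in wheel:", can_rename(DIR_775, FILE1, MYID, {1001}))
    print("rename, sticky dir:  ", can_rename(DIR_STICKY, FILE1, MYID, MYID_GROUPS))
```
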