I Guess I Don't Understand NFS As Well As I Thought

Tim Daneliuk tundra at tundraware.com
Sat Nov 24 23:28:33 UTC 2012 

On 11/24/2012 05:13 PM, Doug Hardie wrote:
>
> On 24 November 2012, at 14:37, Tim Daneliuk wrote:
>
>> On 11/24/2012 03:25 PM, Doug Hardie wrote:
>>>
>>> On 24 November 2012, at 12:32, Tim Daneliuk wrote:
>>>
>>>> Can someone kindly explain what is going on here:
>>>>
>>>> Machine A:  FreeBSD - was running 8, just upgraded to 9.1-PRE
>>>>             (I don't recall seeing the behavior described below
>>>>              in V8, but then, I don't think I ever tried it).
>>>>
>>>> Machine B:  Linux Mint Desktop
>>>>
>>>> - Machine A acts as an NFS server for Machine B.
>>>>
>>>> - Machine A exports a particular directory like this:
>>>>
>>>>    /usr/foo  -maproot=myid     -network ...
>>>>
>>>>
>>>> - /usr/foo/bar is owned by root on Machine A and has files therein
>>>>   owned as root:root with permissions of 600.
>>>>
>>>> - If I access /usr/foo/bar/file1 from Machine B, I cannot read it
>>>>   but - and this is the part I don't get - I CAN *rename* it.
>>>>
>>>> What's going on?  Since /foo/bar/ is owned by root and everything
>>>> in it is 600 root:root, I would not expect a remote access to allow
>>>> things like renaming.  Clearly I am missing something here, but I
>>>> don't get it.
>>>
>>> What are the permissions on the directory /usr/foo/bar?
>>
>> 775
>>
>>
>> Let me correct something.  The files in that directory are
>> owned by root:wheel (not root:root - I got my *nixes
>> confused), but they definitely have 600 perms.
>>
>> On Machine A, user 'myid' is IN the wheel group but I still
>> don't see how he's getting permission to rename the file.\
>
> Renaming a file does not change the file itself.  It updates the directory.  Any user in group wheel has the authority to write to the directory (e.g., change a file's name).  The directory permissions are rwx for group wheel.  You can either try a user on machine B who is not in group wheel or change the directory permissions to 755 on /usr/foo/bar.  Then it would work as you expect.
>
>


D'oh ... of course that's it.   Thanks.



-- 
----------------------------------------------------------------------------
Tim Daneliuk     tundra at tundraware.com
PGP Key:         http://www.tundraware.com/PGP/

More information about the freebsd-questions mailing list