Greetings,
I am setting up an NFS gateway on a Win2k server to allow clients to get
netbios access to NFS shared Unix resources. I am using Unix Services for
Windows NFS Gateway to do this. This part is all good and works alright, if
not a little slowly.
The problem I have might take some explaining via e-mail so be kind, here
goes anyhow...
I have an NFS server (ophiucus) with a share at /PROD/output with the
following line in /etc/exports:
/PROD/output -anon=321 capricorn cygnus
This should allow access from hosts capricorn and cygnus and make anonymous
operations be performed as UID 321 (winnfs, NIS user) instead of nobody.
By my thinking if I have the following:
root_at_ophiucus:/PROD/output/test# ls -al
total 16
drwxrwxr-x 2 winnfs system 8192 Feb 22 15:37 .
drwxrwxr-x 15 winnfs system 8192 Feb 22 14:39 ..
-rwxrwxr-x 1 winnfs system 0 Feb 22 15:37 test.txt
and on NFS client machine (capricorn) I have this:
root_at_capricorn:/mnt/test> mount
<snip locally mounted drives>
ophiucus:/PROD/output on /mnt type nfs (v3, rw, udp, hard, intr)
root_at_capricorn:/mnt/test> ls -al
total 16
drwxrwxr-x 2 winnfs system 8192 Feb 22 15:37 .
drwxrwxr-x 15 winnfs system 8192 Feb 22 14:39 ..
-rwxrwxr-x 1 winnfs system 0 Feb 22 15:37 test.txt
and am logged in as a user called 'testuser' which doesn't exist on the NFS
server, operations should be done as the anonymous user, in this case,
winnfs. What i am seeing though is that if I create files they are created
with winnfs as the owner but subsequent writes to the file are denied. I
can delete and create files due to the 'world' permissions but cannot write
to an existing file.
I'm not sure what I'm missing here. What UID is the NFS client machine
using to check access to files? I would have thought this to be an
anonymous operation and therefore done as winnfs user but it seems only
creation of files happens as that user?
Any help appreciated!
Kind Regards,
Adrian Blount
Security Engineer
Alphawest 6 Pty. Ltd.
Phone: +61 8 9429 6100
Fax: +61 8 9429 6130
http://www.alphawest6.com.au
**********************************************************************
The Valuer General's Office of WA
Phone: 61 8 9429 8400
Web:
http://www.vgo.wa.gov.au
Location: Level 2, 18 Mount St, Perth, Western Australia
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the helpdesk (helpdesk_at_vgo.wa.gov.au).
This email message has been swept by MIMEsweeper for the presence of computer viruses.
**********************************************************************
Received on Fri Feb 22 2002 - 09:04:44 NZDT