System Administration
Showing results for 
Search instead for 
Did you mean: 

NFS share with RW for everyone

Go to solution
Nicolas G.
Occasional Contributor

NFS share with RW for everyone

Hi guys,
I need to share a directory across multiple servers and I need to do it with NFS. I have already set up shares in the past that are working fine, but this one needs to be RW for everyone (non root users). For some reason, only root is able to write to the share on the clients. Here is my config:

/etc/exports on server:
/share *(rw,insecure,nohide,no_root_squash)

/etc/fstab on clients:
server:/share /share nfs rw 0 0

What am I missing in order to allow this to happen?

Thanks, Nicolas.
Occasional Advisor

Re: NFS share with RW for everyone


Did you also set file level permissions to allow everyone to read/write?

What is the output of the below command?

ls -l /share

Steven E. Protter
Exalted Contributor

Re: NFS share with RW for everyone


from client

showmount -e server

Steven E Protter
Owner of ISN Corporation
Nicolas G.
Occasional Contributor

Re: NFS share with RW for everyone

J117, thanks for the tip. Permissions where too restrictive but it worked with 777.
Occasional Advisor

Re: NFS share with RW for everyone


That will cause anyone with access to that network to be able to read/write/execute/delete those files - across the network. Not the best thing in most cases.

Here's a better way:

Create a group common to both systems. For this example we'll call it Ngroup (you can call it anything).

In the group file on both system add Ngroup with the same group number. In this case lets say that group number 78 is free.

So Ngroup is created on both systems and is assigned a value of 78 (you need to make certain that 78 is not a number assigned to any other group). There's nothing special about 78 I chose it off the top of my head for this example.

Populate Ngroup ownership with whatever users are needing access to that NFS mount.

Then change both the group ownership and permissions on the directories to whatever level of strictness you desire.

chgrp Ngroup /share
chmod 750 /share

The above two commands will ensure that the world has no access but that members of Ngroup have read+execute access (owner has ful access).

Care will have to be taken that whatever processes create files in that directory will create them with Ngroup as the group name for the files.

I'm in a rush at the moment so I glossed over some of the details but have provided the broad sketch you need to restrict access to users possessing only a specific group membership.

If you need more detail let me know.

I would also restrict what hosts can mount the share by specifying the appropriate clients in the exports file.