HPE Community
Operating System - HP-UX
1753513 Members
5398 Online
108795 Solutions
New Discussion юеВ

Re: nfs question

 
SOLVED
Go to solution
VINCENT SPURGEON
Frequent Advisor

тАО10-13-2000 02:32 PM

тАО10-13-2000 02:32 PM

nfs question

I have filesystem is exported from HPUX 11.

A Linux box can see all the files and a NT box can't.

Each is set up identical under /etc/exports for root access.

I suspect I have a uid permissions where NT is using PCNFSD? If so, how do I fix? I've tried adding 'uidrange 0-65000' in the /etc/pcnfsd.conf file. Same thing.

Any suggestions?
It's only a flesh wound...
0 Kudos
Reply
5 REPLIES 5
Ian_4
Honored Contributor

тАО10-13-2000 03:05 PM

тАО10-13-2000 03:05 PM

Solution

Re: nfs question

a. Create the file /etc/pcnfsd.conf.

It will contain one line that reads:

uidrange 0-60002

Save and close this file.

b. Start PCNFS.

On HP-UX:

Edit the /etc/rc.config.d/nfsconf file.
In it, change the

PCNFS_SERVER= line to look like this:
PCNFS_SERVER=1

Save and close this file.

To start the service, run the command:

/sbin/init.d/nfs.server start


3. Ensure that NFS is running on the server.

ps -ef | grep nfsd

b. If the nfsd process is not running, edit the file
/etc/rc.config.d/nfsconf and change NFS_SERVER=0 to
NFS_SERVER=1 and run the following command:
/sbin/init.d/nfs.server start


4. Configure the exportation of the file system to the
client as follows:

edit the /etc/exports file. You will either modify two
existing lines or add new ones, depending on the contents
of this file.

-- If the line /etc/opt/ -root= is present, add your
NT system?s name after the equal sign.
If there is already a system name after the equal sign,
then add a colon (:) followed by your NT system?s name
after the first system name.

-- If the line /var/opt/ -root= is not present, add
it and include your console system?s name.

-- Do the same for the line /var/opt/OV/share -root=.

When you have finished editing, the file should look
ike this:

/etc/opt/ -root=NT_System
/var/opt/ -root=NT_System

Save and close the /etc/exports file.



5. Run the following two commands to unexport and
re-export the directories from the server:


/usr/sbin/exportfs -au
/usr/sbin/exportfs -av


Try now to map the drive from your NT system.

Ian.
Reply
VINCENT SPURGEON
Frequent Advisor

тАО10-13-2000 04:06 PM

тАО10-13-2000 04:06 PM

Re: nfs question

Made changes per your instructions.

I can see the files from the NT system.

The problem is that in a certain sub-dir (/apps) that is being exported, a user has a file set with 700 permissions.

When I mount the filesystem with Linux I can see all the files there including the one with 700 permissions. I can copy it, view it, etc.

On NT, if I use the id 'root' (uid=0) to mount the filesystem, I can see the file but I get access denied when I try to open it for viewing. If I used the 'user' (uid=104) to mount the filesystem, I can view the file with no problems.
It's only a flesh wound...
0 Kudos
Reply
VINCENT SPURGEON
Frequent Advisor

тАО10-13-2000 04:23 PM

тАО10-13-2000 04:23 PM

Re: nfs question

Oh and by the way, when I'm on the NT system using Explorer, I can see the file when mounting the filesystem with 'root' id, can't view it, but it will let me rename it.

I then checked on the Unix system and the file changed permissions to rwxrw-w-.

Still couldn't view though...
It's only a flesh wound...
0 Kudos
Reply
Ian_4
Honored Contributor

тАО10-14-2000 08:53 AM

тАО10-14-2000 08:53 AM

Re: nfs question

What version of nfs are U using on the NT system? -he default for Unix 11.00 is nfs version 3 - I think that the problem is with the NT system nfs client (maybe runnig nfs v2 or need setting config etc. or simply a bug) - What ps/nsf software and version are U using on the NT system?.

Ian.
Reply
Bill Hassell
Honored Contributor

тАО10-14-2000 02:14 PM

тАО10-14-2000 02:14 PM

Re: nfs question

Normal UNIX permission behavior. You can set a file to 000 permission and change the owner to root...but that will have *NO* effect on being able to rename the file or to remove the file.

Permissions refer only to the file's contents. Since directories are also files, the contents of a directory are the entries (filenames) so if you have permission to write to a directory, you can blow away every file in that directory no matter who owns the files or the associated permissions.

NFS has one bit of security--root is never exported by default. Being root on a client system must never give the client root permissions on the server by default. In order to give away such permission (be very careful), read the man page for exports.

As with all NFS mounts, the password files will decode the user/group IDs so the owner may not look the same...such are the pitfalls of splicing systems together.


Bill Hassell, sysadmin
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.