From: Doug Hardie
Date: Sat, 24 Nov 2012 15:13:55 -0800
Subject: Re: I Guess I Don't Understand NFS As Well As I Thought
To: Tim Daneliuk
Cc: FreeBSD Mailing List

On 24 November 2012, at 14:37, Tim Daneliuk wrote:

> On 11/24/2012 03:25 PM, Doug Hardie wrote:
>>
>> On 24 November 2012, at 12:32, Tim Daneliuk wrote:
>>
>>> Can someone kindly explain what is going on here:
>>>
>>> Machine A: FreeBSD - was running 8, just upgraded to 9.1-PRE
>>> (I don't recall seeing the behavior described below
>>> in V8, but then, I don't think I ever tried it).
>>>
>>> Machine B: Linux Mint Desktop
>>>
>>> - Machine A acts as an NFS server for Machine B.
>>>
>>> - Machine A exports a particular directory like this:
>>>
>>> /usr/foo -maproot=myid -network ...
>>>
>>>
>>> - /usr/foo/bar is owned by root on Machine A and has files therein
>>> owned as root:root with permissions of 600.
>>>
>>> - If I access /usr/foo/bar/file1 from Machine B, I cannot read it
>>> but - and this is the part I don't get - I CAN *rename* it.
>>>
>>> What's going on? Since /foo/bar/ is owned by root and everything
>>> in it is 600 root:root, I would not expect a remote access to allow
>>> things like renaming. Clearly I am missing something here, but I
>>> don't get it.
>>
>> What are the permissions on the directory /usr/foo/bar?
>
> 775
>
>
> Let me correct something. The files in that directory are
> owned by root:wheel (not root:root - I got my *nixes
> confused), but they definitely have 600 perms.
>
> On Machine A, user 'myid' is IN the wheel group but I still
> don't see how he's getting permission to rename the file.

Renaming a file does not change the file itself. It updates the
directory. Any user in group wheel has the authority to write to the
directory (e.g., change a file's name). The directory permissions are
rwx for group wheel. You can either try a user on machine B who is not
in group wheel or change the directory permissions to 755 on
/usr/foo/bar. Then it would work as you expect.
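
The rule described in the reply above, as an added example that is not part of the original message: a small Python audit that evaluates classic Unix mode bits and lists files a given identity cannot read but can still rename. It goes slightly beyond the thread by also handling the sticky bit; it ignores ACLs and the root bypass, and uid 1001 for 'myid' is a constructed value.

```python
import os
import stat
from types import SimpleNamespace

def _class_bits(st, uid, gids):
    """rwx triplet (0-7) that classic Unix mode bits grant to uid/gids."""
    if uid == st.st_uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def can_read_file(file_st, uid, gids):
    return bool(_class_bits(file_st, uid, gids) & 4)

def can_rename_in(dir_st, file_st, uid, gids):
    """Rename needs write+search (w and x) on the directory; the file's own
    mode is never consulted."""
    if (_class_bits(dir_st, uid, gids) & 3) != 3:
        return False
    if dir_st.st_mode & stat.S_ISVTX:  # sticky directory: owners only
        return uid in (file_st.st_uid, dir_st.st_uid)
    return True

def renamable_but_unreadable(directory, uid, gids):
    """Regular files in `directory` that uid cannot read but can still rename."""
    dir_st = os.stat(directory)
    hits = []
    for name in sorted(os.listdir(directory)):
        st = os.lstat(os.path.join(directory, name))
        if (stat.S_ISREG(st.st_mode) and not can_read_file(st, uid, gids)
                and can_rename_in(dir_st, st, uid, gids)):
            hits.append(name)
    return hits

if __name__ == "__main__":
    # Constructed values mirroring the thread: root:wheel (uid 0, gid 0),
    # directory 775, file 600; uid 1001 for 'myid' is an assumption.
    d = SimpleNamespace(st_mode=0o40775, st_uid=0, st_gid=0)
    f = SimpleNamespace(st_mode=0o100600, st_uid=0, st_gid=0)
    print("read:", can_read_file(f, 1001, {0}))
    print("rename:", can_rename_in(d, f, 1001, {0}))
    d.st_mode = 0o40755  # the 755 change suggested in the reply
    print("rename after 755:", can_rename_in(d, f, 1001, {0}))
```

Run on the NFS server against the exported tree, `renamable_but_unreadable("/usr/foo/bar", uid, gids)` takes the uid and group ids that the export maps remote users to.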