Date: Sat, 24 Nov 2012 17:28:19 -0600 From: Tim Daneliuk <tundra@tundraware.com> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: I Guess I Don't Understand NFS As Well As I Thought Message-ID: <50B15813.80202@tundraware.com> In-Reply-To: <FD48B586-2512-4EA1-A4D6-86C5028CFC28@lafn.org> References: <50B12EC7.6060705@tundraware.com> <D5720263-6E1E-40D5-BCEA-7246AAFB9B2C@lafn.org> <50B14C1A.3070605@tundraware.com> <FD48B586-2512-4EA1-A4D6-86C5028CFC28@lafn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/24/2012 05:13 PM, Doug Hardie wrote: > > On 24 November 2012, at 14:37, Tim Daneliuk wrote: > >> On 11/24/2012 03:25 PM, Doug Hardie wrote: >>> >>> On 24 November 2012, at 12:32, Tim Daneliuk wrote: >>> >>>> Can someone kindly explain what is going on here: >>>> >>>> Machine A: FreeBSD - was running 8, just upgraded to 9.1-PRE >>>> (I don't recall seeing the behavior described below >>>> in V8, but then, I don't think I ever tried it). >>>> >>>> Machine B: Linux Mint Desktop >>>> >>>> - Machine A acts as an NFS server for Machine B. >>>> >>>> - Machine A exports a particular directory like this: >>>> >>>> /usr/foo -maproot=myid -network ... >>>> >>>> >>>> - /usr/foo/bar is owned by root on Machine A and has files therein >>>> owned as root:root with permissions of 600. >>>> >>>> - If I access /usr/foo/bar/file1 from Machine B, I cannot read it >>>> but - and this is the part I don't get - I CAN *rename* it. >>>> >>>> What's going on? Since /foo/bar/ is owned by root and everything >>>> in it is 600 root:root, I would not expect a remote access to allow >>>> things like renaming. Clearly I am missing something here, but I >>>> don't get it. >>> >>> What are the permissions on the directory /usr/foo/bar? >> >> 775 >> >> >> Let me correct something. The files in that directory are >> owned by root:wheel (not root:root - I got my *nixes >> confused), but they definitely have 600 perms. >> >> On Machine A, user 'myid' is IN the wheel group but I still >> don't see how he's getting permission to rename the file.\ > > Renaming a file does not change the file itself. It updates the directory. Any user in group wheel has the authority to write to the directory (e.g., change a file's name). The directory permissions are rwx for group wheel. You can either try a user on machine B who is not in group wheel or change the directory permissions to 755 on /usr/foo/bar. Then it would work as you expect. > > D'oh ... of course that's it. Thanks. -- ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50B15813.80202>