From owner-freebsd-chat@FreeBSD.ORG  Thu Jun 30 08:41:13 2005
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
X-Original-To: freebsd-chat@freebsd.org
Delivered-To: freebsd-chat@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4713A16A41C
	for <freebsd-chat@freebsd.org>; Thu, 30 Jun 2005 08:41:13 +0000 (GMT)
	(envelope-from chu@kemia.me.tut.fi)
Received: from kemia.me.tut.fi (kemia.me.tut.fi [130.230.40.29])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C02B443D49
	for <freebsd-chat@freebsd.org>; Thu, 30 Jun 2005 08:41:12 +0000 (GMT)
	(envelope-from chu@kemia.me.tut.fi)
Received: from kempc17.me.tut.fi (kempc32.me.tut.fi [130.230.40.50])
	by kemia.me.tut.fi (8.13.1/8.13.1) with ESMTP id j5U8f8Eq000664
	for <freebsd-chat@freebsd.org>; Thu, 30 Jun 2005 11:41:08 +0300
Date: Thu, 30 Jun 2005 11:41:07 +0300
To: freebsd-chat@freebsd.org
From: "Vladimir Chukharev" <chu@kemia.me.tut.fi>
Organization: Tampere University of Technology
Content-Type: text/plain; format=flowed; delsp=yes; charset=iso-8859-1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID: <op.ss6c2tia1taxl4@kempc17.me.tut.fi>
User-Agent: Opera M2/8.01 (FreeBSD, build 1204)
Subject: NFS, access problem
X-BeenThere: freebsd-chat@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Non technical items related to the community
	<freebsd-chat.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chat>
List-Post: <mailto:freebsd-chat@freebsd.org>
List-Help: <mailto:freebsd-chat-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jun 2005 08:41:13 -0000

Hi,

I have a weird problem of access to files on an NFS-mounted
file system. I cannot read (and write to) files, which I think
I should be able to read and write.

I checked everything what I can think of, but I cannot find
why access is denied.

I tried to google the problem, no result. It is not FreeBSD
specific, nevertheless I will ask here.


What has been checked:
permissions,
owner and group,
that I belong to the group on both computers,
correspondence of the groups on the two computers,
correspondence of /etc/group to /etc/gshadow on the server (FC3/AMD64),
number of groups I belong to (6 on client, 7 (or 6 as a test) on server),
that SELinux on the server is disabled,
that the same is with a client under FreeBSD, Mandrake and Gentoo,
that /etc/exports on the server does not put any special restrictions,
that mount on the client is done without any special tricks,
that local system (i.e. FreeBSD) does not have flags on the files,
that there is no second name for the group, on both computers.


I am lost... What do I look at and do not see?
What else can be the reason?


A test case is prepared. One file belongs to group 'research',
another to group 'devel'. I cannot understand why I have no
access to the second file.


First, on the local machine (client).
++++++++++++++++++++++
chu@chu:/mnt/kemia/home/Research/Devel 09:38:10 $ cat test1
This I can read and write locally and over NFS.
chu@chu:/mnt/kemia/home/Research/Devel 09:48:52 $ cat test2
cat: test2: Permission denied
chu@chu:/mnt/kemia/home/Research/Devel 09:48:52 $ ls -Fail
total 24
12763141 drwxrws---   4 chu   devel     4096 Jun 29 22:00 ./
12763137 drwxr-sr-x  10 root  research  4096 Jun  8 16:53 ../
12913617 drwxrws---  21 chu   devel     4096 Mar  1 11:31 Instr/
12914575 drwxrws---  17 501   devel     4096 Mar 14 14:33 prog/
12770983 -rw-rw----   1 root  research    48 Jun 29 21:59 test1
12770877 -rw-rw----   1 root  devel       58 Jun 29 22:00 test2
chu@chu:/mnt/kemia/home/Research/Devel 09:48:53 $ ls -Failn
total 24
12763141 drwxrws---   4 540  1007  4096 Jun 29 22:00 ./
12763137 drwxr-sr-x  10 0    1001  4096 Jun  8 16:53 ../
12913617 drwxrws---  21 540  1007  4096 Mar  1 11:31 Instr/
12914575 drwxrws---  17 501  1007  4096 Mar 14 14:33 prog/
12770983 -rw-rw----   1 0    1001    48 Jun 29 21:59 test1
12770877 -rw-rw----   1 0    1007    58 Jun 29 22:00 test2
chu@chu:/mnt/kemia/home/Research/Devel 09:48:53 $ grep -i chu /etc/group | wc -l
        6
chu@chu:/mnt/kemia/home/Research/Devel 09:48:53 $ grep -iE '(devel)|(research)' /etc/group
research:*:1001:chu
devel:*:1007:nick,chu
chu@chu:/mnt/kemia/home/Research/Devel 09:48:53 $ uname -a
FreeBSD chu.xxx.xxx.xx 5.4-STABLE FreeBSD 5.4-STABLE #30: Mon Jun 20 19:39:44 EEST 2005     root@chu.xxx.xxx.xx:/usr/obj/usr/src/sys/CHU  i386
chu@chu:/mnt/kemia/home/Research/Devel 10:07:35 $ grep kemia /etc/fstab
kemia.xxx.xxx.xx:/home           /mnt/kemia/home         nfs     rw,bg,tcp,intr,soft,noauto      0       0
chu@chu:/mnt/kemia/home/Research/Devel 10:16:13 $ grep chu /etc/passwd
chu:*:540:540:Vladimir Chukharev:/home/chu:/usr/local/bin/bash
--------------------

Now, on the remote server, which exports the FS.
++++++++++++++++++++
chu@kemia:/home/Research/Devel 09:53:46 $ cat test1
This I can read and write locally and over NFS.
chu@kemia:/home/Research/Devel 09:53:49 $ cat test2
This I can read and write only locally, but not over NFS.
chu@kemia:/home/Research/Devel 09:53:49 $ ls -Fail
total 24
12763141 drwxrws---   4 chu  devel    4096 Jun 29 22:00 ./
12763137 drwxr-sr-x  10 root research 4096 Jun  8 16:53 ../
12913617 drwxrws---  21 chu  devel    4096 Mar  1 11:31 Instr/
12914575 drwxrws---  17 nick devel    4096 Mar 14 14:33 prog/
12770983 -rw-rw----   1 root research   48 Jun 29 21:59 test1
12770877 -rw-rw----   1 root devel      58 Jun 29 22:00 test2
chu@kemia:/home/Research/Devel 09:53:49 $ ls -Failn
total 24
12763141 drwxrws---   4 540 1007 4096 Jun 29 22:00 ./
12763137 drwxr-sr-x  10   0 1001 4096 Jun  8 16:53 ../
12913617 drwxrws---  21 540 1007 4096 Mar  1 11:31 Instr/
12914575 drwxrws---  17 501 1007 4096 Mar 14 14:33 prog/
12770983 -rw-rw----   1   0 1001   48 Jun 29 21:59 test1
12770877 -rw-rw----   1   0 1007   58 Jun 29 22:00 test2
chu@kemia:/home/Research/Devel 09:53:49 $ grep -i chu /etc/group | wc -l
7
chu@kemia:/home/Research/Devel 09:53:49 $ grep -iE '(devel)|(research)' /etc/group
research:x:1001:nick,chu, [deleted]
devel:x:1007:nick,chu, [deleted]
chu@kemia:/home/Research/Devel 09:53:49 $ uname -a
Linux kemia.xx.xx.xx 2.6.10-1.770_FC3 #1 Thu Feb 24 18:09:38 EST 2005 x86_64 x86_64 x86_64 GNU/Linux
chu@kemia:/home/Research/Devel 09:53:49 $
chu@kemia:/home/Research/Devel 09:53:49 $ sudo grep -i chu /etc/gshadow | wc -l
7
chu@kemia:/home/Research/Devel 09:53:49 $ sudo egrep '(devel)|(research)' /etc/gshadow
research:::nick,chu, [deleted]
devel:::nick,chu, [deleted]
chu@kemia:/home/Research/Devel 09:53:49 $ cat /etc/exports
/home/Research  xxx.xxx.xx.0/255.255.255.0(sync,rw)
/home/Public    xxx.xxx.xx.0/255.255.255.0(sync,rw)
/home/users     xxx.xxx.xx.0/255.255.255.0(sync,rw)
/home           xxx.xxx.xx.0/255.255.255.0(sync,rw)
chu@kemia:/home/Research/Devel 10:07:20 $ grep chu /etc/passwd
chu:x:540:540:Vladimir Chukharev:/home/users/chu:/bin/bash
----------------------

Note, that the deleted part of the group devel is shorter, than that of research.
It is not the cause of the problem, I tried to make it short.

ANY ideas? Please?

Best regards,
-- 
V.Chukharev