Date: Thu, 1 Oct 2009 08:16:48 +0700 (ICT) From: Olivier Nicole <Olivier.Nicole@cs.ait.ac.th> To: gpeel@thenetnow.com Cc: amvandemore@gmail.com, freebsd-questions@freebsd.org Subject: Re: Netwroked Storage Message-ID: <200910010116.n911Gmk2024725@banyan.cs.ait.ac.th> In-Reply-To: <BCDC44AF12A948548DAE12AB40BC4E18@GRANT> (gpeel@thenetnow.com) References: <ADA4B9316B604F71BBBA917DB1CF9306@GRANT> <6201873e0909300607u7bdbe45aw91972f253299e853@mail.gmail.com> <BCDC44AF12A948548DAE12AB40BC4E18@GRANT>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, > All of the 200 domains on each server have thier own Real Unix user > (obviously). Once the NAS is setup, (using NFS), how do the permissions on > the NAS machine play out? i.e. when user 'hisname' logs into a server via > ftp, and uploads a file to his home directory (which is on the NAS), will > the file permissions be the same, and will 'hisname' own the file exactly > the same as if he were writing to the local (server) disk? That is expected, else something bad would exists in the configuration of the NAS. > In the NAS > exports do I have to map every user to the NFS or can I just maproot? Maproot is the easiest as it gives complete access to the NFS exported directory. Now you may consider that for security reason, users of client-machine 1 should only be allowed to NFS mount their own home directory. In that case, you may need the users of client-machine 1 to exist on client-machine 1 and on the server, etc for machine 2... Actually I never had this case when a user account only exists on an NFS client but not on the NFS server, so I am not too sure. I guess that user ID of the users should be different on every client system. You may consider an LDAP directory for your users, where the server would see all the users, but each client-machine would see only the users belonging to it (I thing that there is an "host" attributes, so client-1 only sees the users with host=client-1). Good luck, Olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910010116.n911Gmk2024725>