From owner-freebsd-questions@FreeBSD.ORG Thu Oct 1 01:16:55 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ECB4B106568B for ; Thu, 1 Oct 2009 01:16:55 +0000 (UTC) (envelope-from Olivier.Nicole@cs.ait.ac.th) Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16]) by mx1.freebsd.org (Postfix) with ESMTP id 993998FC12 for ; Thu, 1 Oct 2009 01:16:55 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.cs.ait.ac.th (Postfix) with ESMTP id AF2E33A3872; Thu, 1 Oct 2009 08:16:50 +0700 (ICT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.ait.ac.th; h= references:subject:subject:in-reply-to:from:from:message-id:date :date:received:received:received; s=selector1; t=1254359810; x= 1256174210; bh=ARZaaXztSNgeH+oo8YcUQ+hF+EdJIbdL8jJO33nHa3U=; b=m rjZkt/samSw6TcIRaN5zckw88kpNYbsFrNfepBqNCYVLLnHbh/DUFpZZEu5/eH4K 4LdUMg5bDGjD958dgFnQaX0zBFXT3qSb2GoaIn+czdZZQjnqUPrVZcBasrzMqiND Egwv3rldKT/OFcBuYE6BlUc1plMEDrb/F24DauDvYA= X-Virus-Scanned: amavisd-new at cs.ait.ac.th Received: from mail.cs.ait.ac.th ([127.0.0.1]) by localhost (mail.cs.ait.ac.th [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id W9XxZTmsyJF6; Thu, 1 Oct 2009 08:16:50 +0700 (ICT) Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.cs.ait.ac.th (Postfix) with ESMTPS id 961683A3839; Thu, 1 Oct 2009 08:16:49 +0700 (ICT) Received: (from on@localhost) by banyan.cs.ait.ac.th (8.14.3/8.14.3/Submit) id n911Gmk2024725; Thu, 1 Oct 2009 08:16:48 +0700 (ICT) (envelope-from on) Date: Thu, 1 Oct 2009 08:16:48 +0700 (ICT) Message-Id: <200910010116.n911Gmk2024725@banyan.cs.ait.ac.th> From: Olivier Nicole To: gpeel@thenetnow.com In-reply-to: (gpeel@thenetnow.com) References: <6201873e0909300607u7bdbe45aw91972f253299e853@mail.gmail.com> Cc: amvandemore@gmail.com, freebsd-questions@freebsd.org Subject: Re: Netwroked Storage X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2009 01:16:56 -0000 Hi, > All of the 200 domains on each server have thier own Real Unix user > (obviously). Once the NAS is setup, (using NFS), how do the permissions on > the NAS machine play out? i.e. when user 'hisname' logs into a server via > ftp, and uploads a file to his home directory (which is on the NAS), will > the file permissions be the same, and will 'hisname' own the file exactly > the same as if he were writing to the local (server) disk? That is expected, else something bad would exists in the configuration of the NAS. > In the NAS > exports do I have to map every user to the NFS or can I just maproot? Maproot is the easiest as it gives complete access to the NFS exported directory. Now you may consider that for security reason, users of client-machine 1 should only be allowed to NFS mount their own home directory. In that case, you may need the users of client-machine 1 to exist on client-machine 1 and on the server, etc for machine 2... Actually I never had this case when a user account only exists on an NFS client but not on the NFS server, so I am not too sure. I guess that user ID of the users should be different on every client system. You may consider an LDAP directory for your users, where the server would see all the users, but each client-machine would see only the users belonging to it (I thing that there is an "host" attributes, so client-1 only sees the users with host=client-1). Good luck, Olivier