From owner-freebsd-chat@FreeBSD.ORG  Sat Jul  9 08:22:14 2005
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
X-Original-To: freebsd-chat@freebsd.org
Delivered-To: freebsd-chat@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E2CB016A41C
	for <freebsd-chat@freebsd.org>; Sat,  9 Jul 2005 08:22:14 +0000 (GMT)
	(envelope-from chu@h33.erkki.ton.tut.fi)
Received: from h33.erkki.ton.tut.fi (h33.erkki.ton.tut.fi [193.166.84.86])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 745EE43D45
	for <freebsd-chat@freebsd.org>; Sat,  9 Jul 2005 08:22:14 +0000 (GMT)
	(envelope-from chu@h33.erkki.ton.tut.fi)
Received: from [10.10.1.4] (helo=localhost)
	by h33.erkki.ton.tut.fi with esmtp (Exim 4.50 (FreeBSD))
	id 1DrAYR-000Jn3-GO
	for freebsd-chat@freebsd.org; Sat, 09 Jul 2005 11:19:19 +0300
Date: Sat, 09 Jul 2005 11:22:11 +0300
From: "Vladimir Chukharev" <chu@h33.erkki.ton.tut.fi>
To: freebsd-chat@freebsd.org
References: <op.ss6c2tia1taxl4@kempc17.me.tut.fi>
Message-ID: <op.stmz2pwe1taxl4@kempc17.me.tut.fi>
Organization: @home
In-Reply-To: <op.ss6c2tia1taxl4@kempc17.me.tut.fi>
User-Agent: Opera M2/8.01 (FreeBSD, build 1204)
Content-Type: text/plain; format=flowed; delsp=yes; charset=utf-8
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: Re: NFS, access problem [SOLVED]
X-BeenThere: freebsd-chat@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Non technical items related to the community
	<freebsd-chat.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chat>
List-Post: <mailto:freebsd-chat@freebsd.org>
List-Help: <mailto:freebsd-chat-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Jul 2005 08:22:15 -0000

Hi,

I can happily report that latest -STABLE does not show
the described behaviour. So, something was corrected
within last month (next door Linux Ubuntu continues
denying access to the same files).

Thanks to everybody!
-- 
V.Chukharev

> Hi,
>
> I have a weird problem of access to files on an NFS-mounted
> file system. I cannot read (and write to) files, which I think
> I should be able to read and write.
>
> I checked everything what I can think of, but I cannot find
> why access is denied.
>
> I tried to google the problem, no result. It is not FreeBSD
> specific, nevertheless I will ask here.
>
>
> What has been checked:
> permissions,
> owner and group,
> that I belong to the group on both computers,
> correspondence of the groups on the two computers,
> correspondence of /etc/group to /etc/gshadow on the server (FC3/AMD64),
> number of groups I belong to (6 on client, 7 (or 6 as a test) on server),
> that SELinux on the server is disabled,
> that the same is with a client under FreeBSD, Mandrake and Gentoo,
> that /etc/exports on the server does not put any special restrictions,
> that mount on the client is done without any special tricks,
> that local system (i.e. FreeBSD) does not have flags on the files,
> that there is no second name for the group, on both computers.
>
>
> I am lost... What do I look at and do not see?
> What else can be the reason?
>
>
> A test case is prepared. One file belongs to group 'research',
> another to group 'devel'. I cannot understand why I have no
> access to the second file.
>
>
> First, on the local machine (client).
> ++++++++++++++++++++++
> chu@chu:/mnt/kemia/home/Research/Devel 09:38:10 $ cat test1
> This I can read and write locally and over NFS.
> chu@chu:/mnt/kemia/home/Research/Devel 09:48:52 $ cat test2
> cat: test2: Permission denied
> chu@chu:/mnt/kemia/home/Research/Devel 09:48:52 $ ls -Fail
> total 24
> 12763141 drwxrws---   4 chu   devel     4096 Jun 29 22:00 ./
> 12763137 drwxr-sr-x  10 root  research  4096 Jun  8 16:53 ../
> 12913617 drwxrws---  21 chu   devel     4096 Mar  1 11:31 Instr/
> 12914575 drwxrws---  17 501   devel     4096 Mar 14 14:33 prog/
> 12770983 -rw-rw----   1 root  research    48 Jun 29 21:59 test1
> 12770877 -rw-rw----   1 root  devel       58 Jun 29 22:00 test2
> chu@chu:/mnt/kemia/home/Research/Devel 09:48:53 $ ls -Failn
> total 24
> 12763141 drwxrws---   4 540  1007  4096 Jun 29 22:00 ./
> 12763137 drwxr-sr-x  10 0    1001  4096 Jun  8 16:53 ../
> 12913617 drwxrws---  21 540  1007  4096 Mar  1 11:31 Instr/
> 12914575 drwxrws---  17 501  1007  4096 Mar 14 14:33 prog/
> 12770983 -rw-rw----   1 0    1001    48 Jun 29 21:59 test1
> 12770877 -rw-rw----   1 0    1007    58 Jun 29 22:00 test2
> chu@chu:/mnt/kemia/home/Research/Devel 09:48:53 $ grep -i chu /etc/group | wc -l
>         6
> chu@chu:/mnt/kemia/home/Research/Devel 09:48:53 $ grep -iE '(devel)|(research)' /etc/group
> research:*:1001:chu
> devel:*:1007:nick,chu
> chu@chu:/mnt/kemia/home/Research/Devel 09:48:53 $ uname -a
> FreeBSD chu.xxx.xxx.xx 5.4-STABLE FreeBSD 5.4-STABLE #30: Mon Jun 20 19:39:44 EEST 2005
root@chu.xxx.xxx.xx:/usr/obj/usr/src/sys/CHU  i386
> chu@chu:/mnt/kemia/home/Research/Devel 10:07:35 $ grep kemia /etc/fstab
> kemia.xxx.xxx.xx:/home           /mnt/kemia/home         nfs     rw,bg,tcp,intr,soft,noauto      0       0
> chu@chu:/mnt/kemia/home/Research/Devel 10:16:13 $ grep chu /etc/passwd
> chu:*:540:540:Vladimir Chukharev:/home/chu:/usr/local/bin/bash
> --------------------
>
> Now, on the remote server, which exports the FS.
> ++++++++++++++++++++
> chu@kemia:/home/Research/Devel 09:53:46 $ cat test1
> This I can read and write locally and over NFS.
> chu@kemia:/home/Research/Devel 09:53:49 $ cat test2
> This I can read and write only locally, but not over NFS.
> chu@kemia:/home/Research/Devel 09:53:49 $ ls -Fail
> total 24
> 12763141 drwxrws---   4 chu  devel    4096 Jun 29 22:00 ./
> 12763137 drwxr-sr-x  10 root research 4096 Jun  8 16:53 ../
> 12913617 drwxrws---  21 chu  devel    4096 Mar  1 11:31 Instr/
> 12914575 drwxrws---  17 nick devel    4096 Mar 14 14:33 prog/
> 12770983 -rw-rw----   1 root research   48 Jun 29 21:59 test1
> 12770877 -rw-rw----   1 root devel      58 Jun 29 22:00 test2
> chu@kemia:/home/Research/Devel 09:53:49 $ ls -Failn
> total 24
> 12763141 drwxrws---   4 540 1007 4096 Jun 29 22:00 ./
> 12763137 drwxr-sr-x  10   0 1001 4096 Jun  8 16:53 ../
> 12913617 drwxrws---  21 540 1007 4096 Mar  1 11:31 Instr/
> 12914575 drwxrws---  17 501 1007 4096 Mar 14 14:33 prog/
> 12770983 -rw-rw----   1   0 1001   48 Jun 29 21:59 test1
> 12770877 -rw-rw----   1   0 1007   58 Jun 29 22:00 test2
> chu@kemia:/home/Research/Devel 09:53:49 $ grep -i chu /etc/group | wc -l
> 7
> chu@kemia:/home/Research/Devel 09:53:49 $ grep -iE '(devel)|(research)' /etc/group
> research:x:1001:nick,chu, [deleted]
> devel:x:1007:nick,chu, [deleted]
> chu@kemia:/home/Research/Devel 09:53:49 $ uname -a
> Linux kemia.xx.xx.xx 2.6.10-1.770_FC3 #1 Thu Feb 24 18:09:38 EST 2005 x86_64 x86_64 x86_64 GNU/Linux
> chu@kemia:/home/Research/Devel 09:53:49 $
> chu@kemia:/home/Research/Devel 09:53:49 $ sudo grep -i chu /etc/gshadow | wc -l
> 7
> chu@kemia:/home/Research/Devel 09:53:49 $ sudo egrep '(devel)|(research)' /etc/gshadow
> research:::nick,chu, [deleted]
> devel:::nick,chu, [deleted]
> chu@kemia:/home/Research/Devel 09:53:49 $ cat /etc/exports
> /home/Research  xxx.xxx.xx.0/255.255.255.0(sync,rw)
> /home/Public    xxx.xxx.xx.0/255.255.255.0(sync,rw)
> /home/users     xxx.xxx.xx.0/255.255.255.0(sync,rw)
> /home           xxx.xxx.xx.0/255.255.255.0(sync,rw)
> chu@kemia:/home/Research/Devel 10:07:20 $ grep chu /etc/passwd
> chu:x:540:540:Vladimir Chukharev:/home/users/chu:/bin/bash
> ----------------------
>
> Note, that the deleted part of the group devel is shorter, than that of research.
> It is not the cause of the problem, I tried to make it short.
>
> ANY ideas? Please?
>
> Best regards,