Date:      Thu, 1 Oct 2009 08:16:48 +0700 (ICT)
From:      Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
To:        gpeel@thenetnow.com
Cc:        amvandemore@gmail.com, freebsd-questions@freebsd.org
Subject:   Re: Netwroked Storage
Message-ID:  <200910010116.n911Gmk2024725@banyan.cs.ait.ac.th>
In-Reply-To: <BCDC44AF12A948548DAE12AB40BC4E18@GRANT> (gpeel@thenetnow.com)
References:  <ADA4B9316B604F71BBBA917DB1CF9306@GRANT> <6201873e0909300607u7bdbe45aw91972f253299e853@mail.gmail.com> <BCDC44AF12A948548DAE12AB40BC4E18@GRANT>

Hi,

> All of the 200 domains on each server have their own Real Unix user
> (obviously). Once the NAS is setup, (using NFS), how do the permissions on 
> the NAS machine play out? i.e. when user 'hisname' logs into a server via 
> ftp, and uploads a file to his home directory (which is on the NAS), will 
> the file permissions be the same, and will 'hisname' own the file exactly 
> the same as if he were writing to the local (server) disk? 

That is expected, else something bad would exist in the configuration
of the NAS.

> In the NAS 
> exports do I have to map every user to the NFS or can I just maproot?

Maproot is the easiest as it gives complete access to the NFS exported
directory.

Now you may consider that for security reasons, users of client-machine
1 should only be allowed to NFS mount their own home directory.

In that case, you may need the users of client-machine 1 to exist on
client-machine 1 and on the server, etc for machine 2... Actually I
never had this case when a user account only exists on an NFS client
but not on the NFS server, so I am not too sure. I guess that user ID
of the users should be different on every client system.

You may consider an LDAP directory for your users, where the server
would see all the users, but each client-machine would see only the
users belonging to it (I think that there is a "host" attribute, so
client-1 only sees the users with host=client-1).

Good luck,

Olivier
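
An added example, not part of the original message: with the default AUTH_SYS flavor, NFS sends the client's numeric UID and the server applies ownership by that number, so a file is owned "the same" only where the numbers agree. The Python below audits passwd excerpts from the server and each client for that; the host names, user names and the `parse_passwd`/`audit` helpers are constructed for illustration.

```python
from collections import defaultdict

# Constructed passwd(5) excerpts; host and user names are hypothetical.
PASSWD = {
    "nas": "root:*:0:0::/root:/bin/sh\n"
           "hisname:*:1001:1001::/home/hisname:/bin/sh\n"
           "alice:*:1002:1002::/home/alice:/bin/sh\n",
    "client-1": "hisname:*:1001:1001::/home/hisname:/bin/sh\n"
                "alice:*:1005:1005::/home/alice:/bin/sh\n",
    "client-2": "# local accounts\n"
                "bob:*:1001:1001::/home/bob:/bin/sh\n"
                "carol:*:1010:1010::/home/carol:/bin/sh\n",
}

def parse_passwd(text):
    """Return {name: uid}, skipping comments, blanks and malformed lines."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) < 3 or not fields[2].isdigit():
            continue
        users[fields[0]] = int(fields[2])
    return users

def audit(passwd_by_host, server, min_uid=1000):
    """Compare each client's accounts with the server's, by number as NFS does."""
    srv = parse_passwd(passwd_by_host[server])
    srv_by_uid = {uid: name for name, uid in srv.items()}
    seen = defaultdict(set)  # uid -> {(host, name)} across all clients
    findings = []
    for host, text in sorted(passwd_by_host.items()):
        if host == server:
            continue
        for name, uid in sorted(parse_passwd(text).items()):
            if uid < min_uid:
                continue  # assumption: system accounts are out of scope
            seen[uid].add((host, name))
            if name in srv and srv[name] != uid:
                findings.append(("uid-mismatch", host, name, uid))
            owner = srv_by_uid.get(uid)
            if owner is None:  # files would show a bare number on the server
                findings.append(("uid-unknown-on-server", host, name, uid))
            elif owner != name:  # files would belong to another server user
                findings.append(("owned-as-other-user", host, name, uid))
    for uid, users in sorted(seen.items()):
        names = sorted({n for _, n in users})
        if len(names) > 1:  # two clients' users are one identity to the server
            findings.append(("shared-uid-across-clients", "*", "/".join(names), uid))
    return findings
```

Calling `audit(PASSWD, "nas")` on the constructed data reports `bob` on client-2 sharing UID 1001 with `hisname`, the case where one client's user can reach another user's files on a common export.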



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910010116.n911Gmk2024725>