2

I created a user and a group with the same uid and gid on the NFS server and the NFS client side.

The export on the server side looks like this:

/volume1/nextcloud  *(rw,async,no_wdelay,no_root_squash,insecure_locks,sec=sys,anonuid=1025,anongid=100)

I mount the NFS share from the server on the client side in the /etc/fstab:

192.168.1.60:/volume1/nextcloud /mnt/nas/nextcloud nfs rw,user,vers=4 0 0

The folder on the NAS server has the rights:

drwxrwx---    12 nas      nas       4096 Jul  7 11:11 nextcloud

When I then run sudo mount -a the share gets mounted without any error. I also see that the mounted share has the same owner nas:nas and the same rights drwxrwx--- on the client system. But still if I try to cd nextcloud/ into it all I get is:

cd: nextcloud/: Permission denied

Did I miss something?

TiMESPLiNTER
  • 121
  • 1
  • 1
  • 5
  • 1
    Just to make sure: does the user who run the cd command have the nas group assigned? If not, the 770 permissions won't allow 'other' to get in... – tonioc Jul 09 '18 at 17:55

1 Answers1

1

I'm not fully sure about your current configuration(maybe you can post some output from your config files).Maybe you can post some details about the users on both machines, the rights they have, groups created,

But mainly there are 2 issues that occur all the time when it comes to NFS rights:

http://nfs.sourceforge.net/nfs-howto/ar01s07.html#pemission_issues

Also, this might be a "stupid" answer, but make sure you restarted the systems (or the services) correctly in order to sync them.

Maybe also change nfs=4 to nfs4 (not sure if this affects anything, but I've never seen nfs=4 in fstab configs).

https://www.systutorials.com/docs/linux/man/8-nfsidmap/

Adrian
  • 46
  • 3
  • I just saw that there's `anonuid=1025,anongid=100` in the exports line (this gets generated by my NAS). I now chowned the folder by 1025:100 which is on my NAS guest:users and if I now add my user on the client side to the group 100 (users) I can access the files. Still it's questionable how I export as not-guest but that's a Synology related thing I guess) – TiMESPLiNTER Jul 09 '18 at 15:09
  • If I may ask, how are you going to manage the Users and Groups? I was thinking that you would have an LDAP server for example to manage the users/groups for you and via NFS you only export the disks. The permissions and access would be part of LDAP. : https://www.cs.wcupa.edu/rkline/linux/ldap-nfs.html – Adrian Jul 09 '18 at 15:43
  • Synology does only offer SYS or Kerberos security options. So I guess I can‘t do it using ldap? – TiMESPLiNTER Jul 09 '18 at 15:44
  • Not sure if this is the case, but I do see an option to enable LDAP for the NAS: https://www.synology.com/en-global/knowledgebase/DSM/help/DSM/AdminCenter/file_directory_service_ldap – Adrian Jul 09 '18 at 15:46
  • Oh okay maybe I didn‘t see the option because ldap is not active which would make sense. However setting up and configuring an ldap service is a total different story. I guess my NFS problem is solved. Thanks for your help! :-) – TiMESPLiNTER Jul 09 '18 at 15:48
  • @TiMESPLiNTER please write an answer to your solution and accept it that other clearly see it. – kofemann Jul 10 '18 at 14:54