NFS setup - need authentication server?

[jalisco]

Hi,

I have setup a NFS server recently, I think it's running NFS 4 (3, 2..etc, they are all listed if I grep)

In any event, it works great, connecting to a client on a ubuntu system.

My problem is that I cannot rsync to the server. It gives me a chown error 22. After investigating a little bit, the server is mounting everything as nobody.

I can create an item on the server from the client (I have rw), but even from the client side, it always claims "nobody" is the owner. While, on the server, it says the appropriate owner.

Do I need to setup an authentiation server like kerberos?

[reinob]

Can you post the /etc/exports of your NFS server?
does it say "all_squash" anywhere?
$ man 5 exports

[jalisco]

Can you post the /etc/exports of your NFS server?
does it say "all_squash" anywhere?
$ man 5 exports

it's basic:

/home/x-files 192.168.178.3(rw,anongid=1000,root_squash)

that's it.
I added the anongid=1000 to try to force it to the common user between both systems (both have same username and UID).

it's possible, that my error is because I have the share directory on my home folder?

[reinob]

From the information we know, anything do you *as root* from your client will be mapped to user "nobody" (because you didn't set an anonuid) and group "1000".

If you do anything as client, the server will not do any mapping, so in principle it should work OK.

Now: how is the client mounting the NFS filesystem? are you doing it by hand (if so, how exactly), or is this set-up in /etc/fstab? (if so, post the relevant line). Are you mounting the share as root or as your user?

[jalisco]

Yes, whatever I do on the client, appears as nobody (on the client).

If I create a folder, the owner appears as nobody.

If I look on the server, the owner is the correct user.

I am mounting like this:
sudo mount 192.168.178.2:/home/matamoscas/x-files /home/matamoscas/nfs-server

where matamoscas is the username

edit: Oh yes, it mostly works okay, except for when I try to use rsync, then I get chmod type errors.

[jalisco]

what is gvfs? gnome virtual file system.

I typed mount -l to see what type of mounts I had, and got this..

Code: Select all

matamoscas@matamoscas:~$ mount -l
/dev/sda5 on / type ext4 (rw,errors=remount-ro)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
udev on /dev type devtmpfs (rw,mode=0755)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)
none on /run/shm type tmpfs (rw,nosuid,nodev)
none on /run/user type tmpfs (rw,noexec,nosuid,nodev,size=104857600,mode=0755)
rpc_pipefs on /run/rpc_pipefs type rpc_pipefs (rw)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev)
nfsd on /proc/fs/nfsd type nfsd (rw)
192.168.178.2:/home/matamoscas/x-files on /home/matamoscas/nfs-server type nfs (rw,vers=4,addr=192.168.178.2,clientaddr=192.168.178.3)
gvfsd-fuse on /run/user/matamoscas/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,user=matamoscas)

It all looks Ok, but the nosuid on the gvfs-fuse (not sure what that is) might be relevant?

Still, slowly trying to figure this out =)

thanks

[reinob]

Yes, whatever I do on the client, appears as nobody (on the client).

Yup, but I meant "whatever you do as USER on the client should work OK". Which is obivously not the case.

I am mounting like this:
sudo mount 192.168.178.2:/home/matamoscas/x-files /home/matamoscas/nfs-server

Sounds kinda weird that you mount a user-directory as root ("sudo"). Not bad per se, but could be the reason for unintended behaviour.

Try adding an entry to your /etc/fstab so that you can mount as user.
Post here if you:
(1) Need help about the /etc/fstab entry, and/or
(2) The issue is resolved, and/or
(3) The issue is still not resolved after adding the line to /etc/fstab and mounting as user.

[jalisco]

Still working on this - slowly =)

I got distracted for a few days.

But, I have still not got this to work properly =(

I entered the following into /etc/fstab:
192.168.178.2:/home/matamoscas/x-files /home/matamoscas/nfs-server nfs defaults 0 0

then mounted it like:
sudo mount /home/matamoscas/nfs-server

it mounts nicely, as expected.

However, it still exhibits the prevalent behavior: any files I copy over to the server is owned by nobody.

This is primarily problematic, since it really messes with rsync, e. g. it doesn't allow it to work properly, and gives me chmod errors.

Actually, from the client, ALL owners are nobody. Even though, some are inaccessible, and some are accessible (e.g. read/writeable).

Is there a way I can use nfs3, so I don't have to worry about authentication issues? Assuming, that is my problem?

[reinob]

I entered the following into /etc/fstab:
192.168.178.2:/home/matamoscas/x-files /home/matamoscas/nfs-server nfs defaults 0 0

then mounted it like:
sudo mount /home/matamoscas/nfs-server

With that fstab line you can only mount the share as root. Hence the need for "sudo" when mounting.
This is wrong, or at least not what you want.

You want "defaults,user" instead of "defaults" (or just "user" would be enough) in fstab so that your normal user can mount without being root (sudo).

Then hopefully the mounting itself will not mask any permissions so that the share is directly accessible by your user. Remember that NFS does not (simplifying..) check permissions, these are handled by the client.

However, it still exhibits the prevalent behavior: any files I copy over to the server is owned by nobody.

This is primarily problematic, since it really messes with rsync, e. g. it doesn't allow it to work properly, and gives me chmod errors.

Are you copying as user or as root?
Are you running rsync as user or as root?

Is there a way I can use nfs3, so I don't have to worry about authentication issues? Assuming, that is my problem?

NFS in a home environment is really a can of worms. Unless you really really desperately need NFS I'd advise you to use SMB/CIFS (where the whole concept of permissions "maps" better to what normal people expect) or SSHFS.

SSHFS is really the best thing after sliced bread.
you just do
$ sshfs 192.168.172.2:/home/matamoscas/x-files /home/matamoscas/nfs-server

and everything just works. (Make sure you have sshfs installed on your client and openssh-server on your server. If you set-up passwordless authentication (do it!) then this is a seamless as it gets. Plus secure. Plus fast enough (unless client or server are some weak ARM-based stuff. But even then it still kicks b4tt)).

[jalisco]

Thanks for the info.

Yeah, it is a can of worms =)

I tried changing from "default" to "user" in the fstab line, but getting the same behavior, everything just ID's to nobody, and group nogroup.

Does SSHFS work with Apple computers?

Will take a look at that.

To answer the questions about rsyncing, can't answer off the top of my head - so will have a look at that =)
Will dot my i's and cross my t's one more time, and see if I can get it to work.

At some point in the past, I had it working perfectly =) go figure. But, when I reinstalled the system, and had to reconfigure it,ran into this problem.

[jalisco]

Still working on this.

I will think out loud - in this post, see if I can get somewhere =)

1. Have 3 computers on a local network (Debian, Ubuntu, and Apple).
2. I want to have one (Debian server) function as a local network file (print, etc) server.
3. I want to use rsync for regular backups.

Setting it up, simply, I can connect them, and copy files to and fro. However, rsync gives me errors pertaining to ownership (nobody, and nogroup).
I am going through slowly and carefully, and will document all my progress here - but I won't give up =)

My goal is to use NFS (because it is good, and works across all platforms). I might turn on my Windows 7 machine at some point, but realistically, I won't ever really use it for anything important, so I won't fiddle with SMB for now.

If I ever get done, I will post my steps, results here.

[reinob]

Setting it up, simply, I can connect them, and copy files to and fro. However, rsync gives me errors pertaining to ownership (nobody, and nogroup).
I am going through slowly and carefully, and will document all my progress here - but I won't give up =)

OK, let's go back to basics: how are you using rsync?

You basically can use it in three different ways:
1) local-to-local (even though the "local" destination might be a mounted remote filesystem).
2) using ssh as transport (rsync -a /local/stuff user@remote:/path/)
3) using rsync daemon: rsync -a /local/stuff user@server::destination

(Note the single ":" in (2) and the double "::" in (3)).

I suppose you're using (1), otherwise NFS would not be playing any role here. The question is why?
Option (2) is generally accepted as being the best: no setup required and secure authentication + transport
Only disadvantage is that it may be a bit slower if the server runs with a slow ARM processor. In which case option (3) can help, but then you need to set-up the rsync daemon.

I routinely use (2) and (3) without an issue. Really, if you can sync without NFS, do it. If you can share files without NFS (i.e. with SSHFS or SMB) do it. NFS is really that bad. Even without any Windows machine involved both the Linuxes and the Macs will happily use SMB.

[jalisco]

Making progress.

I want to do a "local-to-local" rsync, with remotely (LAN) mount volume.

I think I might have figured it out.

I did not have a proper service setup to manage the user settings over the network.

For my basic needs, NIS suffices - and it seems to work pretty easily =) Will post a followup if I complete my mission. So far, so good.

[reinob]

I did not have a proper service setup to manage the user settings over the network.

For my basic needs, NIS suffices - and it seems to work pretty easily =) Will post a followup if I complete my mission. So far, so good.

OK. Welcome to the 80s, I should say? :) (seriously? NIS and NFS? :). But if it ain't broke..

Should you decide to jump ahead a bit into the future (90s: SMB instead of NFS) or even to the current (2000s) state-of-the-art (SSH) feel free to ask if you need assistance :)

[jalisco]

Hehe Hey! this is my generation! my of my favorite music is still from the 80s.

heh

Yeah, but that solved all my problems: NIS + NFS.

I know SMB is better if I was gonna interact at all with Windows.

But, since it's mostly *nix boxes and Mac OS x, figured I would stick with NFS.

EDIT: someone can change this thread to [SOLVED]. Apparently, some type of network wide setup is required for NFS permissions to work properly (with rsync). I think some routers will facilitate this with local network netbios? Not sure, but my modem does not. I had no other way for the computers on my network to communicate users - even when they had the exact same user and UserID. Enter, NIS, and all my problems were solved. Now, to get NFS/NIS to work with Mac 10.8!