Bug #243: Problems Synchronizing Web Site Files To Central NFS Server - GNU/Linux Administration - ALT Project Management

Bug #243

Problems Synchronizing Web Site Files To Central NFS Server

Added by Daniel Curtis over 10 years ago. Updated about 9 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Daniel Curtis

Category:

Network Attached Storage

Target version:

Start date:

11/26/2013

Due date:

% Done:

100%

Estimated time:

0.50 h

Spent time:

1.00 h

Description

While moving web site files to the central NFS server, I kept getting permission denied errors while changing ownership of files. I managed to find a work around for this, I needed to add the no_root_squash option to the NFS share being exported.

By default, NFS shares change the root user to the nfsnobody user, an unprivileged user account. In this way, all root-created files are owned by nfsnobody, which prevents uploading of programs with the setuid bit set.

If no_root_squash is used, remote root users are able to change any file on the shared file system and leave trojaned applications for other users to inadvertently execute.

I use FreeNAS, so I cannot just edit files willy-nilly on the filesystem. However, there is an option in its web GUI that allows this option to be setup. From the web GUI, go to Sharing -> Unix(NFS) Shares -> ShareName and set the Mapall User to root

Resources¶

Also available in: Atom PDF

Project

General

Profile

GNet Solutions » GNU/Linux Administration

Bug #243

Problems Synchronizing Web Site Files To Central NFS Server

Resources¶

Updated by Daniel Curtis about 9 years ago