TIP: Click on subject to list as thread! ANSI
echo: rberrypi
to: DRUCK
from: THE NATURAL PHILOSOPHER
date: 2020-10-08 11:56:00
subject: Re: nfs has wrong mode
On 08/10/2020 10:45, druck wrote:
> On 08/10/2020 07:23, Hans-Werner Kneitinger wrote:
>> Thank you for explanation but my use-case seems to be little different.
>> Its for backup/recovery only. No need for file sharing between clients,
>> all local only. The NAS is the central backup storage. No RPi user has
>> an account on the NAS. I think there is no need for and its better to
>> have less accounts as possible.
>>
>> The RPis are data collectors or controllers. I have a backup-image from
>> every fresh setup and an RPi on cushion.
>>
>> 1. If an RPi or its SD Card dies, I restore from backup image and then
>> restore latest data and setting from NAS.
>>
>> 2. If distro and/or hardware update is requiered, I do a fresh
>> installation and a data restore from NAS.
>>
>> 3. No RPi user has access to the NAS but the special backup user.
>
> That's probably your problem. You backup user is writing files which
> have various Pi user and group id's to the NAS, and the NAS stores those
> ids, as otherwise every file would belong to the backup user, which
> isn't what you want.
>
> But the NAS doesn't know about those users and groups, and their
> relationship to the backup user. To allow the backup user to access
> those files, they have to be set to world readable and writeable
> i.e. 777
>
> If you created matching users and groups on the NAS, and made sure the
> backup user was part of those groups, the NAS would then know who was
> allowed to access what, and the file permissions could then also be
> stored correctly.
>
> This is my interpretation of how NFS works, I may be wrong.
>
> ---druck

My NFS always spreads UIDS, GIDS and permissions *exactly*, using e.g.
this style of export line in /etc/exports

/home/spare  *(rw,sync,no_root_squash,no_subtree_check)

However obviously to  propagate these to the NFS mounted remote file
system, rsync *must* run as root.

There can be no 'backup user'

--
"Corbyn talks about equality, justice, opportunity, health care, peace,
community, compassion, investment, security, housing...."
"What kind of person is not interested in those things?"

"Jeremy Corbyn?"

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.