[mythtv-users] NFS mounts permissions

Brian Wood beww at beww.org
Sat Sep 8 16:46:13 UTC 2007 

Daniel Kristjansson wrote:
> On Sun, 2007-09-09 at 01:53 +1000, Bruce Nordstrand wrote:
>> I have just completed a rebuild of my combined backend/frontend into a 
>> master backend only (3 cards), 1 slave backend (1 card) and 1 frontend 
>> only. I seem to have an issue with the permissions on my NFS mounts on 
>> the slave backend.
>>
>> This is my define in /etc/exports for the myth recordings directory on 
>> the master backend:
>>
>> /myth-data 10.0.0.1/24(rw,no_root_squash,async)
>>
>> The recordings are actually in a sub directory, recordings.
>>
>> I created a mount point on the slave, /myth-data and mounted the NFS 
>> directory on that. The permissions on the slave directory were set to 
>> mythtv:mythtv and 775. However, the slave is telling me it has no 
>> permission to write to the recordings directory.
>>
>> What am I doing wrong?
> 
> Unix doesn't use the name of the account or group, it uses the 
> user and group numbers. So they must be the same across all your
> computers:
> 
> [danielk at prude ~]$ grep mythtv /etc/passwd
> mythtv:x:105:105::/home/mythtv:/bin/bash
> [danielk at prude ~]$ grep mythtv /etc/group
> mythtv:x:1000:
> 
> [danielk at cuy ~]$ grep mythtv /etc/passwd
> mythtv:x:105:105::/home/mythtv:/bin/bash
> [danielk at cuy ~]$ grep mythtv /etc/group
> mythtv:x:1000:
> 
> If they don't agree you can't authenticate. Also if you run the
> backend as root you generally can't write to NFS shares because
> most NFS implementations only give the root account guest access
> if they give it any access at all.
> 
> You can edit the numbers in the passwd and group files on one
> computer so they agree with the other one, but make sure you
> chown mythtv:mythtv -R /directory/that/should/be/owned/by/mythtv
> on all directories used by the mythtv account afterward, this
> includes /home/mythtv and all your local recording directories
> and any directories used by any plugin.
> 
> FYI In large unix installations there is usually an account
> server such as yp, so this doesn't happen. But desktop Linux
> distro's don't use such things by default.

All very correct, but yp (yellow pages) is generally called NIS (Network
Information Service) or NIS+ these days. It's easy enough to implement,
but is generally considered insecure on a publicly accessible network.

beww

More information about the mythtv-users mailing list