[mythtv-users] NFS mounts permissions
beww at beww.org
Sat Sep 8 16:46:13 UTC 2007
Daniel Kristjansson wrote:
> On Sun, 2007-09-09 at 01:53 +1000, Bruce Nordstrand wrote:
>> I have just completed a rebuild of my combined backend/frontend into a
>> master backend only (3 cards), 1 slave backend (1 card) and 1 frontend
>> only. I seem to have an issue with the permissions on my NFS mounts on
>> the slave backend.
>> This is my define in /etc/exports for the myth recordings directory on
>> the master backend:
>> /myth-data 10.0.0.1/24(rw,no_root_squash,async)
>> The recordings are actually in a sub directory, recordings.
>> I created a mount point on the slave, /myth-data and mounted the NFS
>> directory on that. The permissions on the slave directory were set to
>> mythtv:mythtv and 775. However, the slave is telling me it has no
>> permission to write to the recordings directory.
>> What am I doing wrong?
> Unix doesn't use the name of the account or group, it uses the
> user and group numbers. So they must be the same across all your
> [danielk at prude ~]$ grep mythtv /etc/passwd
> [danielk at prude ~]$ grep mythtv /etc/group
> [danielk at cuy ~]$ grep mythtv /etc/passwd
> [danielk at cuy ~]$ grep mythtv /etc/group
> If they don't agree you can't authenticate. Also if you run the
> backend as root you generally can't write to NFS shares because
> most NFS implementations only give the root account guest access
> if they give it any access at all.
> You can edit the numbers in the passwd and group files on one
> computer so they agree with the other one, but make sure you
> chown mythtv:mythtv -R /directory/that/should/be/owned/by/mythtv
> on all directories used by the mythtv account afterward, this
> includes /home/mythtv and all your local recording directories
> and any directories used by any plugin.
> FYI In large unix installations there is usually an account
> server such as yp, so this doesn't happen. But desktop Linux
> distro's don't use such things by default.
All very correct, but yp (yellow pages) is generally called NIS (Network
Information Service) or NIS+ these days. It's easy enough to implement,
but is generally considered insecure on a publicly accessible network.
More information about the mythtv-users