Line 94: |
Line 94: |
| | | |
| If you want modify the Group Ownership or user access permissions, these changes has to be done in the Ibay Panel. | | If you want modify the Group Ownership or user access permissions, these changes has to be done in the Ibay Panel. |
− | | + | ====Usage==== |
| + | * Each IP needs to be allowed if you want write permission, for read only permissions, you can open the share to all defined local network in the server-manager |
| + | * The nfs share works with the Ibays and their permissions are inherited from the ibay panel. Therefore for changing write/read permissions you need to do it in the Ibay panel. You have at the top a description on the state of permissions and the group ownership. |
| + | * NFS works with UID and GID, the user id and group id of the client system are sent in each RPC call, and the permissions these IDs have on the file being accessed are checked on the server. For this to work, the UID and GIDs must be the same on the server and the clients. |
| + | * read permissions : |
| + | - you can easily allow the share in read permission for everybody (go to the ibay panel and set the User access to write=group, read=everyone) |
| + | * Write and read permission for group: |
| + | - you have to set a group who own the ibay (in the ibay panel) and change the permissions to Write=group, Read=Group <br /> |
| + | |
| + | - All users both in the server and in the clients need to be members of that group with the same GID.<br /> |
| + | |
| + | - you have to share the same UID for users between the server and the client<br /> |
| + | |
| + | for example the user Helene must share the same UID and GID between the SME Server and the remote client |
| + | on remote client |
| + | # id helene |
| + | uid=5006(helene) gid=5006(helene) groupes=5006(helene),5002(famille) |
| + | on SME Server |
| + | # id helene |
| + | uid=5006(helene) gid=5006(helene) groupes=5006(helene),500(shared),5002(famille) |
| + | |
| + | -IF the option no_root_squash is set, the root can still write in the ibay, but the issue, is that all root or sudo users of all server allowed to the nfs share can write without controls in the ibay. |
| + | |
| + | =====UID/GID===== |
| + | * create a group |
| + | groupadd -g '''GID''' -o GROUPE_NAME |
| + | * modify the GID of a group |
| + | groupmod -o -g '''GID''' GROUPE_NAME |
| + | * add a principal group to a user |
| + | usermod -g '''GROUP_NAME_OR_GID''' USER_NAME |
| + | * add a secondary group to a user |
| + | usermod -a -G '''GROUP_NAME_OR_GID''' USER_NAME |
| + | *change the uid of a user |
| + | usermod -u '''UID''' USER_NAME |
| + | * see informations of a user |
| + | id USER |
| + | |
| + | |
| ==== Couple of notes whilst installing on SME9..... ==== | | ==== Couple of notes whilst installing on SME9..... ==== |
| DB options as follows - status enabled by default : | | DB options as follows - status enabled by default : |