Line 93: |
Line 93: |
| {{Note box | For security Reasons you can not enable Your NFS Share in ''''Read and Write, No Root Squash and Insecure'''' options for the whole local network, you have to specify each IP allowed for these insecure settings.}} | | {{Note box | For security Reasons you can not enable Your NFS Share in ''''Read and Write, No Root Squash and Insecure'''' options for the whole local network, you have to specify each IP allowed for these insecure settings.}} |
| | | |
− | If you want modify the Group Ownership or user access permissions, these changes has to be done in the Ibay Panel.
| + | |
| ====Usage==== | | ====Usage==== |
| * Each IP needs to be allowed if you want write permissions. For read only permissions, you can open the share to all defined local network in the server-manager | | * Each IP needs to be allowed if you want write permissions. For read only permissions, you can open the share to all defined local network in the server-manager |
− | * The NFS share works with Ibays whose the system of permissions are Group based and inherited from the ibay panel. Therefore for changing write/read and group permissions you need to do it in the Ibay panel. You have at the top of the NFS panel a description on the state of permissions and the group ownership. | + | * The NFS share works with Ibays whose the system of permissions are Group based and inherited from the ibay panel. Therefore for changing write/read and group permissions you can do it in the NFS Ibay panel. You have at the top of the NFS panel boxes on the state of permissions and the group ownership. |
| * NFS works with UID and GID, the user id and group id of the client system are sent in each RPC call, and the permissions these IDs have on the file being accessed are checked on the server. For this to work, the UID and GIDs must be the same on the server and the clients. | | * NFS works with UID and GID, the user id and group id of the client system are sent in each RPC call, and the permissions these IDs have on the file being accessed are checked on the server. For this to work, the UID and GIDs must be the same on the server and the clients. |
| =====Read permissions===== | | =====Read permissions===== |
− | - you can easily allow the share in read permission for the local network and for all defined IP (go to the ibay panel and set the User access to write=group, read=everyone, enabled the share, and allow IP(s) or the local network in the nfs panel) | + | - you can easily allow the share in read permission for the local network and for all defined IP (go to the NFS ibay panel and set the User access to write=group, read=everyone, enabled the share, and allow IP(s) or the local network in the nfs panel) |
| | | |
| =====Write and read permission for group===== | | =====Write and read permission for group===== |
− | - you have to set a group which owns the ibay (in the ibay panel) and change the permissions to Write=group, Read=Group <br /> | + | - you have to set a group which owns the ibay (in the NFS ibay panel) and change the permissions to Write=group, Read=Group <br /> |
| | | |
| - All users both in the server and in the clients need to be members of that group with the same GID.<br /> | | - All users both in the server and in the clients need to be members of that group with the same GID.<br /> |
Line 146: |
Line 146: |
| | | |
| How enable specific rules (the name of the rule is free): | | How enable specific rules (the name of the rule is free): |
− | config setprop nfs-rules '''MYRULE''' '/home/e-smith/files/ibays/IBAYNAME/files 192.168.14.0/22(nohide,sync,wdelay,rw,no_root_squash,secure)' | + | config setprop nfs-rules '''MYRULE''' "/home/e-smith/files/ibays/IBAYNAME/files 192.168.14.0/22(nohide,sync,wdelay,rw,no_root_squash,secure)" |
| or | | or |
− | config setprop nfs-rules '''RULE2''' '/home/e-smith/files/ibays/IBAYNAME/files 192.168.14.154(nohide,sync,wdelay,rw,no_root_squash,secure)' | + | config setprop nfs-rules '''RULE2''' "/home/e-smith/files/ibays/IBAYNAME/files 192.168.14.154(nohide,sync,wdelay,rw,no_root_squash,secure)" |
| There is no analysis of the share settings, ditto for the path of the folder you want to share (except for the '/') <br /> | | There is no analysis of the share settings, ditto for the path of the folder you want to share (except for the '/') <br /> |
| | | |