3PAR8440配置file persona,创建nfs共享
user in secondary group unable to write nfs share, but primary group works fine
一个用户从组为目录的属组,那么就没有访问该目录。
nfs客户端
创建用户:
User: testuser001
Primary Gruop : testgrp001
Secondary : testgrp002
User: testuser002
Primary Group : testgrp002
c. mount nfs share (in case of my test,
nfs protocol is nfs v3
#
mount -t nfs -o nfsvers=3 16.148.243.128:/smb02_fpg/smb02_vfs/nfs_test001/testdir001
/mnt
d. change user, and create test
directory with testuser002
[root@hpsv02 ~]# su testuser002
[testuser002@hpsv02 root]$ id
uid=1002(testuser002)
gid=1002(testgrp002) groups=1002(testgrp002) cOntext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[testuser002@hpsv02 mnt]$ mkdir
testdir01
[testuser002@hpsv02 mnt]$ chmod 775
testdir01
[testuser002@hpsv02 mnt]$ ls -lh
total 40K
drwxrwxr-x+ 2 testuser002 testgrp002
8.0K Oct 17 04:44 testdir01
e. create test file "001" under test directory "testdir01"
[testuser002@hpsv02 mnt]$ cd testdir01
[testuser002@hpsv02 testdir01]$ echo
"test" > 001
[testuser002@hpsv02 testdir01]$ chmod
775 001
[testuser002@hpsv02 testdir01]$ ls -lh
total 8.0K
-rwxrwxr-x. 1 testuser002 testgrp002 5
Oct 17 04:48 001
[testuser002@hpsv02 testdir01]$ cat 001
test
e. exit testuser002 and switch user to
testuser001
[testuser002@hpsv02 testdir01]$ exit
exit
[root@hpsv02 ~]# su testuser001
[testuser001@hpsv02 root]$ id
uid=1001(testuser001)
gid=1001(testgrp001) groups=1001(testgrp001),1002(testgrp002)
cOntext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[testuser001@hpsv02 root]$ cd /mnt
[testuser001@hpsv02 mnt]$ ls -lh
total 40K
drwxrwxr-x+ 2 testuser002 testgrp002
8.0K Oct 17 04:48 testdir01
[testuser001@hpsv02 mnt]$ cd testdir01
[testuser001@hpsv02 testdir01]$ ls -lh
total 8.0K
-rwxrwxr-x. 1 testuser002 testgrp002 5
Oct 17 04:48 001
f. try to read test file
"001", and create new file as test purpose
[testuser001@hpsv02 testdir01]$ cat 001
test
[testuser001@hpsv02 testdir01]$ echo
"testuser001" > 002
bash: 002: Permission denied
==> failed due to permission denied
despite of "testdir01" has proper permission
如果客户需要这样的权限访问,就需要一个停机窗口,进入底层修改配置,务必联系二线工程师操作。
login fpg
owning vm node, and here is /etc/sysconfig/nfs.
[root@node1fs ~]# cat /etc/sysconfig/nfs
# This file was modified by
nfs-component*.rpm. the following ports
must be static for nfs firewalling to work.
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
NFSD_V4_GRACE=10
RPCNFSDCOUNT=64
RPCMOUNTDOPTS="-g"
h. remove RPCMOUNTDOPTS, then restart
nfs & nfslock service manually
[root@node1fs ~]# vi /etc/sysconfig/nfs
=> remove
RPCMOUNTDOPTS="-g"
[root@node1fs ~]# service nfslock
restart
[root@node1fs ~]# service nfs restart
[root@node1fs ~]# ps auxw | grep
rpc.mountd
root
18937 0.0 0.0
23720 952 ? Ss
08:55 0:00 rpc.mountd -p 892
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作