Arch Linux

Carl Karl

Member

Registered: 2013-06-12

Posts: 231

[Solved] Write over NFS to an owncloud folder (user=http)?

Hello,

I run an owncloud server and would like to access it locally over NFS. (I know there is webdav, but that's too slow for streaming.)
It works for me BUT read-only. If I want to have write access, I have to change permissions to the files and folders on the owncloud server, which are normally something like that:

ls -l
drwxr-xr-x 31 http http    4096  8. Jul 05:14 Music

as soon as I change the permissions to

drwxrwxrwx 31 http http    4096  8. Jul 05:14 Music

and remount that NFS-share, I also have write-access to that folder over NFS.

But that can't be a real solution, as I would have to change all permissions to all files and folders in that share, especially the new ones which are normally generated by the user http with permissions as above.

So is there another way to get write-access over NFS for such an directory owned by http?

reference:
SERVER:

/etc/fstab

# fake-root for NFS
/magnet/owncloud/data/carl/files        /srv/nfs/owncloud-carl  none    bind,noauto,x-systemd.automount

/etc/exports:

/srv/nfs/owncloud-carl  192.168.2.0/24(rw,no_subtree_check,nohide,no_root_squash)

CLIENT:

/etc/fstab:

#nfs mount
servername:/srv/nfs/owncloud-carl   /home/carl/nfs   nfs4   rsize=8192,wsize=8192,timeo=14,_netdev,noauto,x-systemd.automount	0 0

thanks!

Last edited by Carl Karl (2014-07-13 07:56:19)

HiImTye

Member

From: Halifax, NS, Canada

Registered: 2012-05-09

Posts: 1,072

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

why not use 775 instead of 777 and add those that you want to have write access to the group you give ownership to?

Carl Karl

Member

Registered: 2013-06-12

Posts: 231

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

and add those that you want to have write access to the group you give ownership to?

I don't really understand.
As far as I understand, the whole owncloud directory is owned by http (user and group), and each file and folder written in it by owncloud is owned by http. So I don't give ownership to a group, owncloud does: to http.
I don't know how I can be able to control that apart from changing permission "by hand".

(by the way I changed the path of the owncloud directory, default is /usr/share/webapps/owncloud. THat shouldn't matter, but just that you know which directory I'm talking about.)

Carl Karl

Member

Registered: 2013-06-12

Posts: 231

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

OK, but your hint led me to another strategy:

On the server, I created a user with the same name as my username on the client (carl) and added that user to the http group.
Unfortunately, that didn't gave me full write access. I still only have write access to the directories I manually 777'd.

HiImTye

Member

From: Halifax, NS, Canada

Registered: 2012-05-09

Posts: 1,072

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

thats because the default is 755, use 775 instead. 777 means anyone can write, 775 means only group can. an easy shortcut is

chmod g+w /file/or/folder

which is useful if you don't want to mess up, for instance, folder permissions by accidentally removing the executable flag

edit:or if you want absolute permissions, something like

chmod g=rwX /file/or/folder

will do well. make sure the X is uppercase, as it implies 'executable, if the executable flag already exists'

Last edited by HiImTye (2014-07-12 12:45:49)

Carl Karl

Member

Registered: 2013-06-12

Posts: 231

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

Sorry, you don't seem to understand my problem.
So to make it clear:
755: no write access over NFS.
775: no write access over NFS.
777: write access over NFS.

I would be happy, if there was a working 775 solution, too.
I just don't know how!
As I said, I created a user on the server with the same name as my username on the client and added that user to the http-group on the server. But that didn't work.

Last edited by Carl Karl (2014-07-12 12:48:03)

Carl Karl

Member

Registered: 2013-06-12

Posts: 231

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

Ha, I've got it!

The solution is in the /etc/exports file, it should be like this:

/srv/nfs/owncloud-carl  192.168.2.0/24(rw,all_squash,anonuid=33,anongid=33)

where 33 is the id of http.
Now I have full write access over NFS without needing to change any permissions. :-)

PS:
The argument "all_squash" means, that all users are identified with the anon user whichs UID and GID are given by anonuid and anongid later.

Last edited by Carl Karl (2014-07-13 07:57:58)

Carl Karl

Member

Registered: 2013-06-12

Posts: 231

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

Correction:
Almost solved.
On one client, I have full write access over NFS, over the other client, I still have only write access over NFS for those files and folders with 777.
Although both clients use the same /etc/fstab entry for mounting that NFS-share! (And although the solution was editing the /etc/exports file on the server, which shouldn't have anything to do with which client I access.) Strange...

Last edited by Carl Karl (2014-07-12 13:40:52)

HiImTye

Member

From: Halifax, NS, Canada

Registered: 2012-05-09

Posts: 1,072

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

I really shouldn't offer help at 6am as I entirely misread your post.

Carl Karl

Member

Registered: 2013-06-12

Posts: 231

Re: [Solved] Write over NFS to an owncloud folder (user=http)?

No problem, thanks for looking at this anyhow! :-)

Meanwhile, I also found the solution for the other clients:
In /etc/exports, there was another line especially for that client (including 192.168.2.105 instead of 192.168.2.0/24) with other arguments than the working ones (rw,all_squash,anonuid=33,anongid=33). As that line was created for another resource, I didn't thought it interfere with that owncloud share, but it did. So deleting that other line in /etc/exports (that line was for testing only anyway) and rereading that file solved it for the other client, too. :-)