Friday, December 29, 2017

set readynas nfs rootsquash off

rootsquash is a feature in NFS that allows one to add a bit of security to nas systems.  Unfortunately if the user id's aren't managed closely across your systems that give a crap, the systems will have inadvertent portions that aren't available.

The readynas backup is a victim of this.  It faithfully copies across things from one system to another and adjusts times and all, and sets the user id.  Then it can no longer get to it after that.

Sad solution is to turn off rootsquash, so that the actual rsyncs from other systems can get to the files and do the job.

Will have to work on the mess sometime.  However there are not any conventions on user id's across all the distributions to make anything simple.

ReadyNAS OS 6.8 allows configuring NFS User ID mapping per NFS share. This functionality ensures NFS connections use a predefined UID/GID when necessary, which prevents permission based issues on certain applications.

Configuring User ID Mapping

  1. From the Admin Page, click Shares > Shares
  2. Click the share you would like to edit, then click Settings.
  3. Click Network Access > NFS > Advanced.
There are three UID/GID squashing settings:
  • No Root Squash: Allows NFS connection using root access to connect as root. (Anonymous UID/GID text boxes are disabled)
  • Root Squashing: Forces all NFS root users to use UID/GID configured in the Anonymous UID/GID text boxes.
  • All Squash: Forces all NFS users to use UID/GID configured in the Anonymous UID/GID text boxes.

No comments:

Post a Comment