Team AIGD asked:
We have a local server that exports an
NFS share, used as parent directory for Linux home folders in the network. The users authenticate via
LDAP (running on the same server).
Authentication works fine, and the home folders on the share also work well for the users after they have logged in to a client machine.
However, there is one problem: the root user on the client cannot access the user folders. That is a problem as even simple things such as
sudo apt-get produce errors because root cannot write to the user’s folder.
I thought the problem might be that the home folder permissions on the
NFS server are 0700, thus only accessible by the user itself. So I have changed this permission to 0770, also also set the group ownership of the user folder on the server to 0, i.e. root. I assumed this should work, as 0 is also root’s group ID on the client machines.
Unfortunately, that didn’t solved my issues, root still cannot access the user’s folder:
root@Mule:/home/users# ll total 28 drwxr-xr-x 7 team team 4096 Aug 20 14:18 ./ drwxr-xr-x 3 root root 4096 Oct 29 10:43 ../ drwxrwx--- 30 mfb root 4096 Jan 30 17:49 mfb/ root@Mule:/home/users# root@Mule:/home/users# cd mfb bash: cd: mfb: Permission denied root@Mule:/home/users# root@Mule:/home/users# ll mfb ls: cannot open directory mfb: Permission denied root@Mule:/home/users# root@Mule:/home/users# whoami root root@Mule:/home/users# root@Mule:/home/users# mount | grep users bison:/media/profiles on /home/users type nfs (rw,hard,intr,addr=192.168.0.2) root@Mule:/home/users#
I am out of ideas here. Any suggestions how I can enable root to access the user home folder on the client (
mfb in this example)?
You need to set
no_root_squash on the export. Otherwise, accesses by the root user are mapped to an anonymous user (usually nobody).
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.