Re: access-denied problems with knfsd-981022

G. Allen Morris III (gam3@dharma.sehda.com)
Thu, 29 Oct 1998 10:31:48 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Joel Jaeggli: "Re: dec rz55 drives."
Previous message: Victor Stanescu: "Re: dec rz55 drives."
Maybe in reply to: Steffen Rheinhold: "access-denied problems with knfsd-981022"

This would be a problem with the kernel code, not with H.J.'s code.

>>>Steffen Rheinhold said:
> Hello,
>
> I found out problems with current knfsd and 2.1.126 (knfsd patches
> applied):
>
> 1. From AIX machines, if I mount from a linux server, the group id seems
> to be ignored. I can only access directories, if I am the owner or the
> "other" people have access to it. If only the rights of the group fit, I
> get an "Permission denied". Example:
>
> a) Mount (linux-2.1.126)zeus:/home on (AIX4.3)catia1:/server
> b) User "user1" is member of group "isdn"
>
> user1-catia1:/> cd /server
> user1-catia1:/server> ls -l
>
> drwxr-x--- 4 data isdn 1024 06 Aug 13:13 import
>
> user1-catia1:/> cd import
> Permission denied
>
> If I chmod o+rx import, it works. If I su to "data", it works too.
>
> With an IRIX 5.3 client it looks ok.

Could you look and see if there are any messages in the log file.
They should have `fh_verify: .* permission failure' in them.

> 2. With an Linux client I have a root-squash problem:
>
> Client is linux 2.0.35, same server (zeus).
>
> If I cd into a nfs-mounted directory which doesn't allow me to, I get a
>
> data@charon:/home/data > id
> uid=501(data) gid=100(users) groups=100(users),111(isdn)
>
> data@charon:/mnt/zeus > ls -l
> drwxr-xr-x 4 data isdn 1024 Aug 6 13:13 import
> drwxr-s--- 22 root 108 1024 Jul 22 15:46 vwk
>
> data@charon:/mnt/zeus > cd vwk
> bash: cd: vwk: Permission denied
>
> If I do the same as root@charon, I get
>
> charon:/root # cd /mnt/zeus/
> charon:/mnt/zeus # pwd
> /mnt/zeus
> charon:/mnt/zeus # cd vwk
> bash: pwd: getcwd: cannot access parent directories: Permission denied
> charon: # pwd
> /mnt/zeus/vwk
> bash: pwd: getcwd: cannot access parent directories: Permission denied
> charon: # cd ..
> charon:/mnt/zeus # pwd
> /mnt/zeus
>
> As one can see, the shell cd's to the directory nevertheless. I think
> with root-squash the result of an unpermitted operation should be the same
> for a root client and a non root client, or am I wrong? Why does the bash
> cd into the denied directory?

There is a patch to fix this problem.

http://www.CSUA.Berkeley.EDU/~gam3/knfsd/nfsd-2.1.126-1.patch

Allen

---------------------------------
G. Allen Morris III

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Joel Jaeggli: "Re: dec rz55 drives."
Previous message: Victor Stanescu: "Re: dec rz55 drives."
Maybe in reply to: Steffen Rheinhold: "access-denied problems with knfsd-981022"