-
Notifications
You must be signed in to change notification settings - Fork 73
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
go-nfs not taking into account file permissions #17
Comments
Are you trying to have multiple users access the server, and translate the permissions of those users into the file access permissions? do you mean that when you mount, you aren't seeing the expected unix permissions of files on the client? |
Having multiple users access the server is the use case. Every user will have their own uid,gid. At this point this is what I'm seeing: The exported folder is owned by UID 5000, the nfs server is run by the UID 5000. When I mount the share from another server, I do see the files and folder being owned by UID,GID 5000. Even if I don't have access to the file because my UID is 1000 and I don't have GID 5000 assigned to this user I can read the file and even modify it. This is what I see from user 1000 when it accesses the mount:
With this user I can read, create and update files. When new files are created they get created with UID and GID set to 5000. So my guess is that the nfs is receiving the creation order and instead of checking the permissions it goes ahead and create the files with its own UID,GID combination. So summarizing, I do see the unix permissions of files on the clients, but they're not honored. |
Authentication and permission of clients is not fully worked through on any of the example handlers, as my primary use case has been in single user systems. When a user mounts the filesystem, the handler is able to check access of the Currently access for all demos is just using a |
Okay, since this is expected I'm closing the issue. Thanks. |
Hey @willscott,
First of all, thank you for this awesome project.
I'm trying to containerize this project for my demos. I have it working but at this time it doesn't honor file permissions present on the filesystem.
On the readme you have this:
I don't fully understand what you mean here, I believe my filesystem populates the uid and gid for every object, not sure what I'm doing wrong.
I'm using the example in example/osnfs
Thanks!
The text was updated successfully, but these errors were encountered: