On Mon, Jan 20, 2014 at 9:10 AM, Alan McKinnon <alan.mckin...@gmail.com> wrote:
> Most NFS servers in the real world are thus file shares and permit
> read-only access to all users.

Alan,

Thank you for explaining this in English for me.  I am a bit blown
away that it is taking me so long to figure out that NFS might not be
for me.  However, it is now making sense why everybody, even Linux
people, seems to use SMB.

My problem:

I have a handful of users on Mac and Linux who want to share some
files whose content is not secret, but to avoid accidents I would like
to restrict write access to those with a password.  Most users are
probably UID 1000 on their respective machines.  Normally we use git
for this, but we have 1TB of large binary files and do not need
versioning.  So I thought "problem solved... I'll just make an NFS
share.  From your machines, just open nfs://share/ and when prompted
for a username/password, just use one I'll supply."

So this little plan of mine has hit several problems:

1. Accessing an NFS share from Linux is not as simple as "Please open
nfs://foo/bar".  At least not on XFCE4 (see my post
http://mail.xfce.org/pipermail/xfce/2014-January/033023.html).  It
seems I have to get fstab involved.  Not sure about from the Mac.

2. Opening SMB is as simple as "Please open smb://foo/bar".  Perhaps
this simplicity is due to the efforts of
metacity/gvfs/fuse/samba/udev/polkit/consolekit.

3. NFS is UID based and I have no idea what the UIDs are, and worse,
most of my users probably have the same UIDs on their system.  This
sounds like a show stopper to me.


===

> Most NFS servers in the real world are thus file shares and permit
> read-only access to all users.

Are you saying that NFS can be configured to allow ro access to
everyone, even those people whose UID was not known when the NFS was
set up?  If so, can the same be done for rw access?

> squash was invented - when root access comes over the wire, the server
> changes it from UID=0 to something else (usually nobody) and then
> applies Unix permissions to that account.

Gotcha.  If I go with NFS, I think what I would be interested in is more
of a "global squash".  No matter which UID is making the connection,
squash it over to the generic local UID 9999 which was granted rw
access to the share.

Thanks again,

Chris
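
The "global squash" asked about above corresponds to the `all_squash` export option combined with `anonuid`/`anongid` in exports(5). As an added example (not part of the original message), this Python model shows how the server maps incoming UIDs under the default export and under a global squash; the option strings and caller UIDs are constructed, and 9999 is the generic account named in the message.

```python
# Added illustration, not from the thread: models the UID/GID mapping a Linux
# NFS server applies to AUTH_SYS requests, per the squash options in exports(5).
# Supplementary groups are left out of the model.

NOBODY = 65534  # default anonymous uid/gid when anonuid/anongid are not set


def parse_export_options(opts):
    """Parse the parenthesised option list of an /etc/exports entry."""
    cfg = {"rw": False, "root_squash": True, "all_squash": False,
           "anonuid": NOBODY, "anongid": NOBODY}
    for opt in filter(None, (o.strip() for o in opts.strip("()").split(","))):
        key, _, value = opt.partition("=")
        if key in ("anonuid", "anongid"):
            cfg[key] = int(value)
        elif key in ("rw", "ro"):
            cfg["rw"] = key == "rw"
        elif key in ("root_squash", "all_squash"):
            cfg[key] = True
        elif key in ("no_root_squash", "no_all_squash"):
            cfg[key[3:]] = False
        # Options unrelated to identity mapping (sync, ...) are ignored.
    return cfg


def effective_ids(cfg, uid, gid):
    """Return the (uid, gid) the server uses for Unix permission checks."""
    if cfg["all_squash"]:                      # every caller becomes anonymous
        return cfg["anonuid"], cfg["anongid"]
    if cfg["root_squash"]:                     # only id 0 is remapped
        uid = cfg["anonuid"] if uid == 0 else uid
        gid = cfg["anongid"] if gid == 0 else gid
    return uid, gid


# Constructed option lists; 9999 is the generic account from the message.
ROOT_SQUASH_ONLY = "(rw,sync)"
GLOBAL_SQUASH = "(rw,sync,all_squash,anonuid=9999,anongid=9999)"

if __name__ == "__main__":
    # Constructed callers: two clients that both use UID 1000, plus root.
    for label, opts in (("default", ROOT_SQUASH_ONLY), ("global", GLOBAL_SQUASH)):
        cfg = parse_export_options(opts)
        for uid in (1000, 1000, 0):
            print(label, uid, "->", effective_ids(cfg, uid, uid))
```

Under AUTH_SYS the server trusts the UID the client sends and no password is exchanged, so with `all_squash` the write access of the squashed account is limited only by the export's host list.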
