--- On Sat, 1/15/11, FRLinux <frli...@gmail.com> wrote:
> Hello,
>
> I'd be curious to hear about any particular tweaking you
> need applying
> on NFS FreeBSD servers. I have used them for the past 8
> years starting
> with 4.x at the time and now with a mix of 6.x 7x and 8.x
> and had not
> to tweak anything.
>
<SNIP!>
> Cheers,
> Steph
>
It may have to do with what you are doing. At the NFS protocol level, they are
compatible as far as I can tell. However, in my testing (trying to set up a
file server in a heterogeneous environment) I had problems configuring NIS
without editing Makefiles.
GNU/Linux uses 'shadow' to store password and FreeBSD used master.passwd. The
number of fields between the two differ as well.
>From my notes, the options are:
1. Modify makefile to generate a shadow file to keep Linux happy
2. use "UNSECURE=true" option in /var/yp/Makefile and disable shadow passwords
in Linux. I decided to go with the second option because NFS uses host-based
authentication: somebody with root access to a client machine can get both
files anyway.
Because NFS passes ownership and group information by number, I decided I
needed I need to use NIS to set send user and group information to keep the
network sane. For example, "james" may be user 1001 on one machine and user
1002 on another. The problem is that the FreeBSD "special" groups are not
compatible with the GNU/Linux "special" groups (less than 1000).
I resolved this (after an hint from IRC) by editing /var/yp/Makefile to only
send user groups in a certain "window" to the client machines.
>From my notes:
-both group.byname and group.bygid have the same filter to decide which groups
to include:[
@$(AWK) -F: '{ if ($$1 !="" &&
$$1 !~"^#.*" && $$1 !="+") \
]
Decodes as:
Use 'awk' with a field separator of ':'
Include a line if:
-it is not blank
-if it is not a commented line, denoted by '#'
-if it is not a line importing groups from NIS, denoted by '+' in the first
field.
filter can be modified to include only gid's within a certain range: [
@$(AWK) -F: '{ if ($$1 !="" &&
$$1 !~"^#.*" && $$1 !="+" &&
$$3 >= 1001 && $$3 <=2000) \
]
/notes
Regards,
James Phillips
I actually was able to log in from a test installation of Debian using that
hack (files appeared on server as expected). It took some trial and error
though.
PS: perhaps my difficulty is I don't really want to do "programming" until the
fileserver is up, but BSD administrators are expected to do basic scripting.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
