On Monday 27 July 2009 16:40:43 Harry Putnam wrote:
> Alan McKinnon <alan.mckin...@gmail.com> writes:
> > There is nothing much you can do about this except:
> >
> > Renumber your gid's locally to match the nfs server,
> > or renumber the nfs share gids to match your local machine
>
> Looking into that I noticed, as you thought the gid of the share on
> solaris is alphabetic wheel but numeric 15. Which is the gid of
> `man' on gentoo.
>
> But I noticed the gid 16 is not taken on the gentoo os so promoted man
> to gid 16 and changed wheel from 10 to 15.
>
> Logging my user out and back in I see the gid 15 now is wheel so the
> same as solaris.
When you do this, you only change the username attached to the gid. Remember
that the filesystem does not know or care what username you use, it only knows
about gids. You now need to find every file group owned by man's old gid and
chown it to man's new gid. Put another way, the man groups files now appear to
belong to the wheel group, and the wheel group's files are orphaned. This
ought to do it:
- umount nfs shares
- find / -gid 15 -exec chown :16 {} +;
- find / -gid 10 -exec chown :15 {} +;
- mount nfs shares
You must establish for yourself if any files were created meanwhile with gid
10 or 15 and take steps to deal with those specially.
> Having my user mount the nfs ... it ends up `reader:wheel'. Both are
> my users uid and one of his gids so now both the uid and gid match
> those on the solaris OS where user reader:wheel owns the source
> directory. (also /projects on solaris box).
>
> But with all that in place.... a copy using `-a' still causes the the
> same error warning.
Let's try something stupid :-)
cp -a is a GNU extension IIRC, and Solaris userland does not support it.
Try cp -pr just for fun
Also, there's an ACL on that file (the +). What are those rules, determined by
getfacl? It shouldn't make a difference as ACLs cannot take away a user's
permissions. But SELinux can ... offhand I cannot think of anything on Solaris
that works similarly - anything ring a bell here about your nfs server?
What are your mount options on the client side, and the relevant line in
exports on the server side?
>
> ls -l /projects/it
> -rw-r--r--+ 1 reader wheel 0 Jul 27 09:17 /projects/it
>
> cp -a /projects/it /projects/it2
> cp: preserving permissions for `/projects/it2':
> Operation not supported
>
> ls -l /projects/it2
> -rw-r--r--+ 1 reader wheel 0 Jul 27 09:17 /projects/it2
>
> ==============================================
>
> user reader (on gentoo) running command id -a
> uid=1000(reader) gid=1000(reader) groups=15(wheel),16(man),
> 250(portage),1000(reader)
>
> user reader (on solaris) running command id -a
> uid=1000(reader) gid=10(staff) groups=10(staff),3(sys),4
> (adm),15(wheel)
>
> ==============================================
>
> And the nfs source directory is also set-gid (by user reader)
> ls -ld /projects (on solaris server)
> drwxr-sr-x 14 reader wheel 17 2009-07-27 09:29 /projects
--
alan dot mckinnon at gmail dot com
