Had an interesting one today:
We created a CIFS share called "public" to create a department wide storage area for a project we've got going on. A web developer was editing HTML in a subfolder there and wanted it published for users to view. So I NFS mounted it to a test (SUN) webserver exporting it on the filer as:
/vol/sysvol0/public/html_files
My Unix guy who config'd Apache on the test webserver created a local user "www" to run Apache. The filer complained when you hit the webpage generating reads of the "html_files" dir by Apache saying UID 80 NOT MAPPED. (UID 80 is the www users UID on the webserver). The filer was expecting CIFS users athentication of an NFS mount!
So you can't NFS export CIFS share folders I found out...!!!???
I ended up creating a (mixed) qtree which is a CIFS share *and* NFS mount and all is fine....
I thought that was an interesting problem and thought I'd share it....
-Rob
Robert; Did you put the www user in the /etc/usermap.cfg file on the filer? JKB
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Robert Borowicz Sent: Thursday, September 02, 2004 4:51 PM To: toasters@mathworks.com Subject: NFS export from within a CIFS share
Had an interesting one today:
We created a CIFS share called "public" to create a department wide storage area for a project we've got going on. A web developer was editing HTML in a subfolder there and wanted it published for users to view. So I NFS mounted it to a test (SUN) webserver exporting it on the filer as:
/vol/sysvol0/public/html_files
My Unix guy who config'd Apache on the test webserver created a local user "www" to run Apache. The filer complained when you hit the webpage generating reads of the "html_files" dir by Apache saying UID 80 NOT MAPPED. (UID 80 is the www users UID on the webserver). The filer was expecting CIFS users athentication of an NFS mount!
So you can't NFS export CIFS share folders I found out...!!!???
I ended up creating a (mixed) qtree which is a CIFS share *and* NFS mount and all is fine....
I thought that was an interesting problem and thought I'd share it....
-Rob
Thanks to all who responded and offered ideas. And for not saying what an idiot i was....
What I find most interesting is that when I did the NFS export from within a Share it changed the athentication to CIFS. Fascinating... as spock would say...
So then one is relagated to any number of things like usermap.cfg, or even putting the users in your DC (workgroup db in my case). I didn't get to the usermap file because I first tried adding "www" to my workgroup user db. When that worked it clued me in what was happening and I chose the qtree. That seemed cleaner.
The point is taken and I do realize the "last one in gets the file security" with mixed qtrees. I thought about it and it should not be an issue since (I think) Apache only needs RO access to the NFS mount and thus should not affect NTFS ACLs. My guess is the access time will be updated by the NFS calls in the CIFS share but the ACLs shouldn't be changed by a RO access. Yes?
Thanks again!
-Rob
James Brigman jbrigman@nc.rr.com wrote:
st1:*{behavior:url(#default#ieooui) } Robert;
Did you put the www user in the /etc/usermap.cfg file on the filer?
JKB
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Robert Borowicz Sent: Thursday, September 02, 2004 4:51 PM To: toasters@mathworks.com Subject: NFS export from within a CIFS share
Had an interesting one today:
We created a CIFS share called "public" to create a department wide storage area for a project we've got going on. A web developer was editing HTML in a subfolder there and wanted it published for users to view. So I NFS mounted it to a test (SUN) webserver exporting it on the filer as:
/vol/sysvol0/public/html_files
<SNIP>
-
James Brigman -
Robert Borowicz