NFS Permissions

Posted:
in Genius Bar edited January 2014
I have an OS X 10.2.8 file server that has a single share point exported (shared) over NFS. My server has 10 NFS clients that map to it in a 24/7 production environment (each with a unique IP). All of them are AIX boxes. My NFS server existed before my employment at my company, so I'm trying to learn the ropes. I'm afraid I'm totally new to NFS, but I'm excited to figure it all out! The share also provides SMB and AFP to a few Mac and Windows users in production. The AIX NFS clients are running Oracle services.



Situation:



I just found out that my Oracle guys want to add another AIX client to my NFS share. Here's the kicker: Unlike the other NFS clients, this new AIX client needs to have READ AND WRITE access to my NFS share. They are telling me that they currently can't write to my share for some reason.



Questions:



1) How can I configure NFS read and write access in OS X Server 10.2.8? Am I missing a config file somewhere? The GUI doesn't show me. 3 check boxes in WGM don't seem like enough admin control.



2) Since NFS uses IPs and not the usual UNIX users and groups for permissions, how can I tell which NFS clients have what access permissions?



3) How can I tell what permissions my current NFS clients have on my share? I understand the AFP and SMB user/group/other model, but I don't understand how to map an IP address with a specific permission (example: IP 10.0.1.1 gets full access, but 10.1.1.2 gets read-only access).



4) Any idea on why OS X doesn't provide me with a log file for NFS services? No monitoring tools per se.



5) Why doesn't OS X use the /etc/exports file? Is all this info in NetInfo db on my 10.2.8 server? (I don't use AD or OD on this server)



6) Based on my settings below, does it look like an (authorized IP) NFS client is able to read and write to my share?





WGM General Sharing Tab:



Share name "oracle"

Owner: "www" = read and write

Group: "oracle" = read and write

Other = read-only



WGM NFS Protocol Tab:



"Export this item and contents to: Client"



(the export scope is set for IPs 10.0.1.1 through 10.0.1.11 in the client list field)



Map Root to nobody is NOT CHECKED

Map all users to nobody is CHECKED

Read-only is NOT CHECKED