go-nfs not taking into account file permissions about go-nfs HOT 4 CLOSED

Are you trying to have multiple users access the server, and translate the permissions of those users into the file access permissions? do you mean that when you mount, you aren't seeing the expected unix permissions of files on the client?

from go-nfs.

Having multiple users access the server is the use case. Every user will have their own uid,gid. At this point this is what I'm seeing:

The exported folder is owned by UID 5000, the nfs server is run by the UID 5000.

When I mount the share from another server, I do see the files and folder being owned by UID,GID 5000. Even if I don't have access to the file because my UID is 1000 and I don't have GID 5000 assigned to this user I can read the file and even modify it.

This is what I see from user 1000 when it accesses the mount:

$ ls -l
total 1
-rw-rw----. 1 5000 5000  0 feb 16 17:10 dummy1

With this user I can read, create and update files. When new files are created they get created with UID and GID set to 5000. So my guess is that the nfs is receiving the creation order and instead of checking the permissions it goes ahead and create the files with its own UID,GID combination.

So summarizing, I do see the unix permissions of files on the clients, but they're not honored.

from go-nfs.

Authentication and permission of clients is not fully worked through on any of the example handlers, as my primary use case has been in single user systems.

When a user mounts the filesystem, the handler is able to check access of the mount and associate an effective user with the file system view returned.

Currently access for all demos is just using a NullAuthHandler which doesn't attempt to do any uid association between client and server UIDs.

from go-nfs.

Okay, since this is expected I'm closing the issue.

Thanks.

from go-nfs.