[deleted]
You need to set the permissions on the NAS to match up with the ID of your user.
[deleted]
Submitted 3 days ago by r0ertel@lemmy.world to selfhosted@lemmy.world
Comments
possiblylinux127@lemmy.zip 3 days ago
kylian0087@lemmy.dbzer0.com 3 days ago
Yeah which frankly gets annoying fast when dealing with multiple users. As you need to remember the UIDs of all the users and match them potentially on all systems.
A solution to this problem is using active directory or if it is only for Linux devices FreeIPA.
mbirth@lemmy.ml 3 days ago
Yeah, Synology and NFSv4 is a bit hit or miss if you don’t use a Kerberos server. I’ve experimented with that back in 2018 to no avail: blog.mbirth.uk/…/synology-nfsv4-with-id-mapping.h…
2xsaiko@discuss.tchncs.de 3 days ago
Please just use Kerberos instead of fiddling with uids. It’s the only sane way to get NFS access controls and user mapping. Works on both Linux and macOS (but there’s no NFS on Windows anyway).
I’d say you can run the Kerberos KDC on the NAS but if Synology has some locked down special OS you’ll need another machine for that.
Unfortunately SMB is so screwed that you can’t reuse ordinary Kerberos for authentication there, which is unfortunate if you want to have both that and NFS. I’ve yet to look into whether Samba AD can be used for both.
vividspecter@lemm.ee 3 days ago
but there’s no NFS on Windows anyway
There is, although only the client and only v3 support.
2xsaiko@discuss.tchncs.de 3 days ago
True. I knew I should have left that as “NFS 4” because someone would comment this. From what I’ve read (never used it), NFS 3 is very different to 4 and also just kind of not worth using, especially just for Windows, since it has no security at all.
thelittleblackbird@lemmy.world 3 days ago
I would recommend an LDAP sever for user Auth.
There you can create/authenticate user with a central repo in a machine independent fashion. Also having the possibility to allow /egate specific services from the central database is a big plus.
It seems difficult at the very beginning but it quickly pays off. Give it a try
just_another_person@lemmy.world 3 days ago
If you’re not using some sort of Domain mapping, then the use of the same mount by two different sharing services with different uids is going to break ownership. Doesn’t matter if it’s Synology or anything else.
NFSv4 domain mapping solves this by having the same domain configured in client and server. That’s probably your simplest option. From memory, I do believe Synology DOES set uid for whichever user is authenticated via SMB and NFS though, so are you using two different users for these mounts by chance?
If you don’t want to bother to setup LDAP or domain mapping, then just use SMB and that should solve the problem.
r0ertel@lemmy.world 3 days ago
Thanks for the feedback. I plan to do some reading on NFSv4 domain mapping this weekend.
vext01@lemmy.sdf.org 3 days ago
It was over a decade ago when I last looked, but all the ldap/kerberos stuff put me right off NFSv4.