[CentOS] Network FS w/o user setup
tedjeanmiller at sbcglobal.net
Sat Jun 21 22:38:05 UTC 2008
Johnny Hughes wrote:
> Ted Miller wrote:
>> Johnny Hughes wrote:
>>> Ted Miller wrote:
>>>> Is there a file system + configuration that will let me share a
>>>> directory, and anyone who has access to something in that directory
>>>> on the server will also have access (and lack of access) to the same
>>>> files from the client? Clients will be Centos5, Win2K, WinXP.
>>>> Server is Centos5.
>>>> To put it another way, all users have accounts on the server. I
>>>> don't want to have to set up ANY user information on the server,
>>>> other than what I set up to control local access. I just want to
>>>> say "Share /vmware" and have it available, to the same users who can
>>>> access it locally.
>>>> With Samba I have to maintain duplicate user lists, password lists,
>>>> and share access lists. I have not been able to find a clear
>>>> instructions on how NFS4 handles this, but what I found didn't seem
>>>> any better than Samba.
>>>> I don't mind implementing ACLs on the server if it will do what I
>>>> need, but I can't find anything that says it will save me any work
>>> Well, since you want to set up shares ... and since you want to share
>>> between Windows and Linux machines, and to share for windows you will
>>> need to use samba.
>>> Since you can also set up linux to use a samba client, that would
>>> probably be the best method to "share these files" ... if you expect
>>> to just oepn them via a file manager on all platforms.
>> Is there a way to set up samba so that it "just uses" ACL information
>> for permissions, instead of having to spell everything out for each
>> share and each user?
> Well ... you would need to Join the "Samba Server" to your "Windows
> Domain". If that domain is ADS (Active Directory Services) then it is a
> different procedure than if it is a WinNT type Windows Domain.
This is getting well outside the range of complexity that I am looking for.
If I add more detail, maybe something more suitable to my situation will
suggest itself to members of the list.
1. This is a very small network, only one primary file server (office2). A
second file server (RAIDer1) has only one shared directory, so is not
really an issue.
2. Users log in primarily from Linux boxes, but have to run virtual Windows
machines for some software, and also log in from Windows laptops.
3. office2 is set up with logins and home directories for all users, and
directories are permissioned such that users can run programs on office2
(if needed) and directory permissions work right.
4. Some users don't have physical machines, but only have virtual
machine(s) running on office2, which also need "network" access to office2
Because all the users and permissions already exist on office2, I would
like those existing permissions to be reflected when the file system is
shared, just the same as when it is accessed locally. To restate: my
desire is that users, logins, and permissions be identical whether a user
is logged into office2 or whether that user is using a network file share
from another virtual or physical machine, running Linux or Windows. I
would think there would be a "market" for a network file system where
sharing a directory tree involved no more than assigning a network share
name to it. If (and only if) you had access to the file locally, you now
have access to it on the network. Very simple to administer, very simple
to understand--one set of permissions (kept locally) works everywhere.
From everything I have heard, a windows domain controller would be more
work than it is worth for this size of project, as I am looking for
something machine-scale, not enterprise scale.
I hope this more clearly expresses my desires, even if only so that
everyone can tell me to keep dreaming, because what I want doesn't
exist--or in the open source tradition, quit dreaming and start coding.
(Unfortunately I am still working on my first C++ lesson book.)
Sorry I neglected this (and all other) threads for a week or more, as I had
to learn how to do video editing to rescue an otherwise disastrously
unusable video project for my employer.
More information about the CentOS