Skip to main content
Start a Conversation

This post is more than 5 years old

Solved!

Go to Solution

jeffc2

26 Posts

2591

January 30th, 2013 13:00

Group sticky bit being set for group writes on unix nfs.

Greetings,

I'm setting up a 6.5.5.12 cluster that will be using nfs only at this point in time.  I think most of the export pieces are OK for root client access and NIS.  The behavior I am seeing is the group permissions on a directory are being passed to sub-directory file or directory creation, much like a sticky bit.

I've tried a variety of export options, including selecting unix security, but nothing seems to change.  Here is an example:

$ pwd

/net/isilon/ifs/projects/testing2

fred...(/net/isilon/ifs/projects/testing2)

$ ll -d .

drwxrwxrwx 3 root root 0 Jan 30 14:35 .

fred...(/net/isilon/ifs/projects/testing2)

$ id

uid=24611(jeffc) gid=20(games)

fred...(/net/isilon/ifs/projects/testing2)

$ touch zzz

fred...(/net/isilon/ifs/projects/testing2)

$ ll

total 2

-rw-r--r-- 1 jeffc root 0 Jan 30 14:36 zzz

fred...(/net/isilon/ifs/projects/testing2)

As you can see, the file was created with group ownership of root, but my user ownership.  I've created directories below this, change group ownership, then created files in them.  No matter what directory I go to, all group ownership ends up as whatever group the directory is owned by and not my user group.

Can this be fixed, or is this an intentional feature?

Thanks,

Jeff

AndrewChung

132 Posts

January 30th, 2013 19:00

This is a source of confusion for many people.  The default behavior for an Isilon cluster is for new directories created via the CLI or over NFS to adhere to BSD semantics if there are no ACLs on the directory.  BSD semantics by default will create directories with the same group owner as the parent directory, unlike Linux which will take the user's primary group.  You can change this behavior through the WebUI.

In OneFS 6.5 and below this can be found at: File Sharing -> Advanced -> ACL Policies

In OneFS 7.0 this can be found at: Protocols -> ACLs -> ACL Policies

Group Owner inheritance.png

Change the Group owner inheritance setting to Linux and Windows semantics.

jeffc2

26 Posts

January 30th, 2013 19:00

Andrew,

Thanks for the pointer.  This is exactly where I needed to go.  Since we are running nfs only right now, I used the Linux and Windows semantics in the last entry.  Since there were no ACLs in place it kept the BSD behavior.

I verified the changes work as expected.

Jeff

AndrewChung

132 Posts

January 31st, 2013 11:00

No problem, glad I could help out.

View More

View All

No Events found!

Top