3
submitted 11 months ago by aqa5@alien.top to c/main@selfhosted.forum

I have serveral Ubuntu server running in virtual machines on my host. Everything works fine but there is a problem. I use NFS to share a common directory between the VMs. And as the machines user IDs are different so even when user and password are the same, they cannot write data or use data thats from another VM. Changing user IDs did not work properly, I rolled that back.

So, someone mentioned Kerberos to manage users. This seems a bit too much effort. Is there a better, lightweight solution? Or even another way to share a common disk space? How is this done usually?

you are viewing a single comment's thread
view the rest of the comments
[-] sudonem@alien.top 1 points 11 months ago

NFS handles permissions based on the UID and GID of the user account accessing the share. (Assuming you haven’t restricted the share to a specific subnet or host IP).

When you create the NFS share, assign permissions using a group with a non-standard GID (doesn’t matter what, but pick something you’ll remember like 3000).

How you go about that will depend on the server you’re running the NFS share on. It’ll be different for Ubuntu or TrueNAS or Unraid etc - so read the documentation.

Once that is sorted, for each VM you need to create a group using that GID and assign the relevant users on each VM to be members of that group.

If you’re following best practices and running services as non-root, it’s usually also necessary to change the group ownership of the mount point directories on each VM so that the group you’ve just created with GIS 3000 (or whatever) is the owner.

edit: As a side note, because this tripped me up for a while - if you’re running LXC’s in proxmox, they’ll need to be privileged containers or you need to manually enable the NFS option for the LXC otherwise it doesn’t matter what you do with permissions, you won’t be able to mount the share.

this post was submitted on 04 Dec 2023
3 points (80.0% liked)

Self-Hosted Main

504 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS