This appendix provides information about the NFS Server Access Modes.
Whenever a file or directory is created on the NFS side, the Owner, Group, and Others become the trustees on the NetWare side for NetWare-NFS and NFS-NetWare modes. The trustee rights are determined by the rwx permissions that are set on the NFS side at the time of creation. Executing a chmod command would actually result in the trustee rights getting changed for NFS-NetWare Mode. Apart from changing the trustee rights, the file's attributes are also decided by the rwx permissions. If all the three of them (Owner, Group, Others) have only r-r-r-, then the file would be marked as Read-only.
NetWare Mode---Controls access to the exported NFS directory using NetWare access control methods such as NetWare rights and attributes. This mode is to be used only when the control needs to be on the NetWare side and the volume is exported only for NFS sharing.
When using this mode, NFS permissions do not modify the settings of the NetWare rights and attributes.
This mode functions as follows:
Table 4. NetWare Mode Functions
If, for example, a file is created by user sara belonging to group test, with ls -l, the attributes would be as follows:
file rwxr-r--- sara test
The GID is the primary GID of sara, but on the NetWare client side sara is the owner of the file.
The chmod request is successful only for -x-x-x. For example, if vol1 with a file fil1and with only [R-------F] for a group is exported, the NFS rights would be r-x.
file r-xr-r- sara test
Executing the chmod 777 fil command does not change the rights. It still shows as r-x.
file r-xr-xr-x sara test
NetWare-NFS Mode---Creates trustee rights to emulate NFS permissions whenever permissions are created or changed by the NFS client.
In using this mode, NFS permissions override NetWare rights, but NetWare attributes are always enforced and therefore cannot be overridden by NFS permissions. Use this mode if you want NetWare trustee rights to emulate NFS permissions.
This mode functions as follows:
Table 5. NetWare-NFS Mode Functions
The User, Group, and Others get mapped to the appropriate NetWare user groups and their rights [rwx] get mapped to [SRWCEMFA], NetWare rights. But the attributes are not affected. For example, if the file were created with r-r-r-, NetWare would not change the attribute to [RO] for that file.
For any file that gets created from the NFS side, or for files that already exist in NetWare when the volume is exported, any change in the permissions would change the trustee rights on the NetWare side.
For example, if a user sara, whose primary group is test, creates a file on the NFS side, the trustees on the NetWare side would be as follows:
.sara.novell |
User |
.test.novell |
Group |
.o-novell |
Others |
The chmod command would work only for a Superuser on the NFS side executing the command on a volume exported with ROOT access. For other users and other non-Root access exports, the command would not succeed.
The chgrp command changes the trustees on the NetWare side. If for a particular UNIX group there is no mapped NetWare group, the NetWare server would be made the trustee.
The chmod command has the effect of modifying the trustee rights appropriately.
NFS-NetWare Mode---Creates trustee rights and NetWare attributes to emulate NFS permissions whenever permissions are created or changed by the NFS client.
When using this mode, NFS permissions override both NetWare rights and attributes. Use this mode if you want both NetWare trustee rights and attributes to emulate NFS permissions.
This mode functions as follows:
chmod 444 file Not only would the write permission be removed from the NetWare trustee assignments of the file, but the Read-only attribute would also be set. For example, if the file has been given [RW] permissions on the NetWare side, and on the NFS side the owner of the file executes a chmod command and changes it to r-r-r-, the attributes are changed to [R] on the NetWare side. The functions of this mode are listed in Table 6.
Table 6. NFS-NetWare Mode Functions
NFS Mode---Does not automatically map between file systems.
Use NFS Mode if the directory is accessed primarily by NFS clients.
This mode functions as follows:
Table 7. NFS Mode Functions
For files that already exist and that were created by NetWare clients, the owner and the group become Admin and Admin's primary group.
For files that are created from the NFS side, the user group would not get mapped to any trustee on the NetWare side. The owner ID of the DOS name space is set to Nobody, which means that the file is owned by the NetWare server. Some versions of FILER would indicate no owner and older versions would indicate that the NetWare Server owns it.
If the volume is exported with root access for the UNIX machine and the Superuser executes a chown command for an existing NetWare file, the owner ID of the file would change to Nobody. Therefore, an empty directory is exported for NFS Mode.
The file would still be accessible to NetWare users (trustees, etc.). For example, if user sara creates a file from the NFS side, on the NFS side you will see the following:
file rw-rw-rw- sara test
When the command rights File/t is executed on the NetWare client, the message no trustees are assigned is displayed. For any change that occurs, like chmod, NFS name space gets modified.
Independent Mode---An extension of the NFS Mode. Like the NFS Mode, this mode stops access mapping between NetWare and NFS Independent Mode.
In this mode, access control at NetWare and at UNIX are independent of each other.
This mode functions as follows:
-rw-r-r- (file) drwxr-xr-x (directory) The functions of this mode are listed in Table 8.
Table 8. Independent Mode Functions