Highlighted
Absent Member.
Absent Member.
832 views

Differing NSS rights

Hello,

I'm using an OES2 server, and it seems that rights are handled in a
somewhat flacky way, when seen from the POSIX side of things.

I have a directory, when seen from an NCP client, a user us trustee of
this directory, the user is able to read this dir from a NCP client
machine.

rights are shown as RWCEMF for the user from properties in a windows
explorer.

When using a linux shell or samba, the user have no rights to the
directory.

I tried a
rights show -f [directory]
from a root shell, and got

Trustees:
No Trustees Assigned


And now, I wonder what can be done to remedy this situation, that we are
having different rights, depending on how we access the NSS fileystem.
Are there for example some kind of NSS recalculate/recache rights
command, so that the posix applications can see the rights for real?
Labels (2)
0 Likes
2 Replies
Highlighted
New Member.

Re: Differing NSS rights

Nicolai,

When using a linux shell or samba, the user have no rights to the
directory.


Are this users lum enabled and samba enabled via imanager ?

In the nss volume (/media/nss/<VOLUME> if you did a default configuration) there is always a directory / file ._NETWARE/.trustee_database.xml taht shows the file and directory rights. Can you see what you have there in. Do not change anything in that, just use it to review the trustees.

Rainer
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Differing NSS rights

Thank you for taking the time to read and answer my post Rainer,

>> When using a linux shell or samba, the user have no rights to the
>> directory.

>
>Are this users lum enabled and samba enabled via imanager ?


Yes the use are samba and lum enabled.
Maybe I forgot to mention, that if I from windows explorer change the
rights to the dir (eg. remove Modify->Apply->Add Modify->Apply) then
the rights becomes correct again, seen from the rights command and a
DsfW login.
So... the user are LUM and SAMBA enabled, via DsfW. And I can "su" to
the user, and I cannot, as the user, access the homedir from a shell,
or from an SMB client.

>
>In the nss volume (/media/nss/<VOLUME> if you did a default
>configuration) there is always a directory / file
>_NETWARE/.trustee_database.xml taht shows the file and directory
>rights. Can you see what you have there in. Do not change anything in
>that, just use it to review the trustees.


I also forgot to mention, that the trustee_database.xml file, lists
the rights as they look from the NCP client side, that means the file
lists the user as a trustee, but when seen from, for example the
"rights" command on the box, there are no trustees.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.