# How to set NFS share permissions to work with linux client?



## s5e (Feb 24, 2018)

I can get it work if I do:
`chmod 777 /sharedfolder`
but then everyone get access to files.

Is it possible to make username server to control users like domain controller do, but without domain?


----------



## k.jacker (Feb 24, 2018)

I guess you have to verify that the the username on the server and on the client share the same UID.
On FreeBSD, the first user added will get UID 1001, while on Linux it think it starts with 1000 (by default).


----------



## Oko (Feb 24, 2018)

To my knowledge you have only two options. One is to synchronize /etc/group, /etc/passwd, and /etc/master.passwd  on your FreeBSD NFS file server and your client UNIX/UNIX-like machines (note that the above files might have slightly different names on OS X, and Linux). I have yet to come across legit technical reason to do such thing.

The second is to set up some kind client-server directory service protocol for your internal domain. Examples include old  Network Information Service (NIS for short) originally called Yellow Pages (YP) or  Lightweight Directory Access Protocol (LDAP) which can be further combined with  Kerberos network authentication protocol if the directory service protocol is going to be used over hostile networks (setting up University wide directory service example comes to mind). In practice for SOHO behind a common firewall I would recommend using LDAP for both authentication and authorization. Since I am not big fun of OpenLDAP I always use OpenBSD and its built in LDAP server for such thing. I don't know anything about Windows and things like Active Directory, Samba, and even how Windows handles file permission. Out of 100+ people in my lab I have only one person using Windows and I am forcing her to use *sshfs* to access her folders.


----------



## SirDice (Feb 28, 2018)

s5e said:


> Is it possible to make username server to control users like domain controller do


NFSv3 doesn't know or care about usernames. All it sees are the UID and GID of a user. So make sure the user account has the same UID/GID on both systems. With NFSv4 things are a little different though.


----------

