(Bryan Davis from https://bugzilla.wikimedia.org/show_bug.cgi?id=73102#c3)
Ran chmod -R =rwX /data/project/upload7 to fix all file permissions.
(Marc A. Pelletier from https://bugzilla.wikimedia.org/show_bug.cgi?id=73102#c4)
Be aware that doing so has given write permission to any authenticated user.
This may not be a catastrophe in practice, but it has security impact.
(Bryan Davis from https://bugzilla.wikimedia.org/show_bug.cgi?id=73102#c5)
(In reply to Marc A. Pelletier from comment #4)
Be aware that doing so has given write permission to any authenticated user.
This may not be a catastrophe in practice, but it has security impact.This has been the fix for this particular issue as long as I've been helping
in beta. I agree that chmod 0777 is a lame solution, but the uid/gid
mismatches and NFS4 acls are a bit of a blocker to proper management of the
shared file permissions.
(Marc A. Pelletier from https://bugzilla.wikimedia.org/show_bug.cgi?id=73102#c6)
NFSv4 doesn't actually require UID concordance so long as the user /name/
exists on the NFS server do that it doesn't fall back to numerical IDs - the
proper solution to this is to make certain that any user or group that owns
files in the shared filesystem exist on the NFS servers.In the general Labs case, this is done through LDAP - but users and groups
coming from Debian packages need to either be added (before installation) to
LDAP or added to the NFS servers.
Version: unspecified
Severity: normal