So after a recent Arch upgrade, Samba mysteriously stopped working, and I really wasn’t in the mood to troubleshoot what broke it. I have always disliked Samba (and CIFS as a whole), so was pleasantly surprised to learn an NFS client has been shipping with Windows for like, ever, now.
After installing and configuring NFS in Arch (a bit more involved that I would’ve liked but not too painful), and installing the NFS client service in my Windows machine, I was able to connect and browse the share, but had no write permissions (despite it being configured as rw).
This was of course related to the awesome Unix file permissions. Depending on the UID/GID the client authenticates with, it will have the permissions as specified by each file’s mode. By default, the Windows NFS client connects with -2/-2, which maps to ‘other’ on the Linux side, so you’d need write permission for ‘other’ on every file. This is a problem unless all your files have it, but mine default to 644 (read-only for ‘other’), which is a pretty common and safe mode.
There’s a couple of ways I tried to fix this, and only the last one worked.
The NFS server has the ability to force all anonymous connections to a specific UID/GID. This is done using the following share options:
/export/home 192.168.137.0/24(rw,nohide,no_subtree_check,async,all_squash,anonuid=1000,anongid=100)
What all_squash does is basically treat all clients as anonymous, whereas anonuid and anongid assign a single UID/GID for these anonymous connections.
For some reason, this didn’t work for me. I’m guessing it has something to do with the Windows client, but I still couldn’t write to the share.
Luckily, I found the following tip/hack: http://blogs.msdn.com/b/sfu/archive/2009/03/27/can-i-set-up-user-name-mapping-in-windows-vista.aspx
- Start Registry Editor (regedit.exe)
- Locate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default- Create two DWORD values named AnonymousUid and AnonymousGid
- Set these values to the UID and GID you would like this NFS client to use
- Restart your Client for NFS service using the Microsoft Services for NFS MMC snap-in
This simply forces the client to identify with your chosen UID/GID (instead of the default -2/-2), which is basically what I needed. You could remove the all_squash and the other options, but I left them there anyway, it works great. This tip is for Vista, but it also works on 7, not sure on previous Windows versions.
Now I have access to all my Linux files from Windows again, and without bloody Samba. The only thing I’m still figuring out is how to automatically connect to the share at Windows startup. I’ll update this post when I have a reliable method.
Cheers!