“NFS host” & “domain” I understand, but what are “nobody-user” & “nobody-group” ?
I don’t have access to the NFS server, so I’m not able to add the same users (UID) on both sides (IT won’t add new users for every share on their NFS server). It’s why I tried to configure the NFS client manually (without the kaltura-nfs-client-config.sh script). I now have a “permission denied” issue with the “kaltura” user (I can mount, then r/w with the root user tho). So I did chown -R kaltura:kaltura /opt/kaltura/web/ but I still have a “permission denied” when I try to sudo -u kaltura touch /opt/kaltura/web/test2.txt.
You don’t need the entire /opt/kaltura/web/ dir to be owned by the kaltura user.
Essentially, you need the following dirs under the NFS mount to have write permissions for both the ‘kaltura’ and Apache users [apache in RHEL/CentOS, www-data in Ubuntu/Debian]:
/opt/kaltura/web/content/
/opt/kaltura/web/dropfolders/
/opt/kaltura/web/tmp/
Under /opt/kaltura/web/html5, for each player version, there is a cache dir which needs to be writeable by the Apache user [no need for the kaltura user to write to it].
/opt/kaltura/web/flash contains various SWFs for KMC, the legacy Flash player [KDP] and other widgets which we hope to deprecate soon [a new KMC built with Angular is in the works] but there is not need for it to be writeable by either the Apache or kaltura users since the only process that writes there is the package installation [rpm for RHEL/CentOS and dpkg for Debian/Ubuntu] and that runs as root.
/opt/kaltura/web/logs is used for DWH and logs are rotated there by logrotate, which also runs as root. These files are then read by the DWH processes which run as the kaltura user but no writing is taking place by the kaltura user to that dir.
