I have a question about the NFS client config on a CentOS7 cluster installation.
/opt/kaltura/bin/kaltura-nfs-client-config.sh <NFS host> <domain> <nobody-user> <nobody-group>
“NFS host” & “domain” I understand, but what are “nobody-user” & “nobody-group” ?
I don’t have access to the NFS server, so I’m not able to add the same users (UID) on both sides (IT won’t add new users for every share on their NFS server). It’s why I tried to configure the NFS client manually (without the kaltura-nfs-client-config.sh script). I now have a “permission denied” issue with the “kaltura” user (I can mount, then r/w with the root user tho). So I did
chown -R kaltura:kaltura /opt/kaltura/web/ but I still have a “permission denied” when I try to
sudo -u kaltura touch /opt/kaltura/web/test2.txt.
Help & thanks
I managed to avoid the “permission denied” issue with the kaltura user with the following commands:
chgrp kaltura /opt/kaltura/web
chmod g+rwx /opt/kaltura/web
So the group has to be the folder owner, not the user.
Any problem with those permissions for the NFS mount of a cluster node ?
You don’t need the entire /opt/kaltura/web/ dir to be owned by the kaltura user.
Essentially, you need the following dirs under the NFS mount to have write permissions for both the ‘kaltura’ and Apache users [apache in RHEL/CentOS, www-data in Ubuntu/Debian]:
Under /opt/kaltura/web/html5, for each player version, there is a cache dir which needs to be writeable by the Apache user [no need for the kaltura user to write to it].
/opt/kaltura/web/flash contains various SWFs for KMC, the legacy Flash player [KDP] and other widgets which we hope to deprecate soon [a new KMC built with Angular is in the works] but there is not need for it to be writeable by either the Apache or kaltura users since the only process that writes there is the package installation [rpm for RHEL/CentOS and dpkg for Debian/Ubuntu] and that runs as root.
/opt/kaltura/web/logs is used for DWH and logs are rotated there by logrotate, which also runs as root. These files are then read by the DWH processes which run as the kaltura user but no writing is taking place by the kaltura user to that dir.
Thanks for you detailed explanation as always.
Good new a new KMC version without flash is coming Any ETA ?