Simpler Navigation for Servers and Operating Systems
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
Networking
cancel
Showing results for 
Search instead for 
Did you mean: 

How to restrict NFS share access to particular server ?

arunaphcl
Advisor

How to restrict NFS share access to particular server ?

 How to restrict NFS share access to particular server ?

 

P.S. This thread has been moved from Disk to  HP-UX > networking. -HP Forum Moderator

7 REPLIES
Dave Olker
HPE Pro

Re: How to restrict NFS share access to particular server ?

# man share_nfs

 

 

arunaphcl
Advisor

Re: How to restrict NFS share access to particular server ?

I tried that too but I culdn't find an option to restrict nfs share for a paticular server.

Dave Olker
HPE Pro

Re: How to restrict NFS share access to particular server ?

rw=client[:client] ...
Share the pathname read-mostly if sec= option is not
provided. Read-mostly means read-write to those
clients specified and read-only for all other
systems. If a sec= option is provided, pathname is
shared read/write only to the listed clients. No
other systems can access pathname.
Patrick Wallek
Honored Contributor

Re: How to restrict NFS share access to particular server ?

What version of HP-UX?

 

If 11.23 or older, then you use the 'access' keyword in the /etc/exports file.

 

If 11.31 it looks like you should use a combination of the 'sec' keyword and 'ro' or 'rw' access for specific hosts in the /etc/dfs/dfstab.

arunaphcl
Advisor

Re: How to restrict NFS share access to particular server ?

Its 11.31.

 

could you please share an example;

Dennis Handly
Acclaimed Contributor

Re: How to restrict NFS share access to particular server?

>could you please share an example

 

share -F nfs  -o ro=access_list,rw=access_list,sec=mode[:mode] pathname

For a particular server:

share -F nfs  -o rw=server-FQDN pathname

Highlighted
Patrick Wallek
Honored Contributor

Re: How to restrict NFS share access to particular server?

Here's an example from one of my servers.

 

I'm allowing the share to a server called atl1 only.  I am allowing read/write access and allowing root access as well.

 

# cat /etc/dfs/dfstab

# place share(1M) commands here for automatic execution
# on entering init state 3.
#
# share [-F fstype] [ -o options] [-d "<text>"] <pathname>
# .e.g,
# share -F nfs -o rw=engineering -d "home dirs" /home
share -F nfs -o sec=sys,rw=atl1,root=atl1 /var/tmp/pw

 

From ATL1:

 

# mount ignite:/var/tmp/pw /mnt
atl1-11.23 root / # cd /mnt
atl1-11.23 root /mnt # ll
total 16
drwxr-xr-x 2 root sys 96 Feb 27 10:08 .
drwxr-xr-x 27 root root 8192 Oct 24 12:39 ..
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile1
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile2
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile3
atl1-11.23 root /mnt # rm afile3
afile3: ? (y/n) y
atl1-11.23 root /mnt # ll
total 16
drwxr-xr-x 2 root sys 96 Feb 27 10:11 .
drwxr-xr-x 27 root root 8192 Oct 24 12:39 ..
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile1
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile2

 

From another server:

 

atl6-11.31 root /root # mount ignite:/var/tmp/pw /mnt15
nfs mount: ignite:/var/tmp/pw: Permission denied

 

Here's a link to the "NFS Services Administrator's Guide HP-UX 11iv3"

http://h20566.www2.hp.com/portal/site/hpsc/template.BINARYPORTLET/public/kb/docDisplay/resource.process/?spf_p.tpst=kbDocDisplay_ws_BI&spf_p.rid_kbDocDisplay=docDisplayResURL&javax.portlet.begCacheTok=com.vignette.cachetoken&spf_p.rst_kbDocDisplay=wsrp-resourceState%3DdocId%253Demr_na-c02136987-1%257CdocLocale%253D&javax.portlet.endCacheTok=com.vignette.cachetoken

 

 

Hopefully this helps.