HPE Community
Operating System - HP-UX
1752596 Members
5162 Online
108788 Solutions
New Discussion юеВ

Restricting showmount

 
SoorajCleris
Honored Contributor

тАО10-22-2010 09:43 AM

тАО10-22-2010 09:43 AM

Restricting showmount

Hi Mates,

How can I restrict clients from seeing the exports from my NFS server?

server - HP-UX 11.31.

If I do showmount -e from ZZZ client, if the ZZZ client is not authorised to see that , it should not be able to see the exports.

How can I do this?

post your suggestions; points assured!!

Regards,
Sooraj
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
8 REPLIES 8
Jibin Antony
Occasional Visitor

тАО10-23-2010 05:41 AM

тАО10-23-2010 05:41 AM

Re: Restricting showmount

I was also looking for this.

I tried adding following entries in /var/adm/inetd.sec too. (11.31)

# cat /var/adm/inetd.sec
mountd deny
mountd allow w.x.y.z a.b.c.d


# inetd -c

Still all clients are able to see exports using "showmount -e nfsserver". Tried restarting nfs.core, nfs.server and nfs.client services, but no luck.

Thanks in advance.
Jibs
0 Kudos
SoorajCleris
Honored Contributor

тАО10-24-2010 07:42 AM

тАО10-24-2010 07:42 AM

Re: Restricting showmount

Hi Mates,

waiting for your suggetions !!!

:(
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
SoorajCleris
Honored Contributor

тАО10-24-2010 08:57 PM

тАО10-24-2010 08:57 PM

Re: Restricting showmount

Hi Jibin,

Thanks for effors,

One of my mate suggested me to try with IPF with RPC.

inetd.sec is not working becuase mountd is not an inetd service.

regards,
Sooraj
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
Jibin Antony
Occasional Visitor

тАО10-24-2010 10:51 PM

тАО10-24-2010 10:51 PM

Re: Restricting showmount

If I understood the man page correctly, inetd.sec should be able to limit the NFS access to selected clients. Here is an excerpt from man page.

-----------
service name { allow | deny } { hostaddrs | hostnames | netaddrs | netnames }

Note: service name is the name (not alias) of a valid service in file /etc/services. The service name for RPC-based services (NFS) is the name (not alias) of a valid service in file /etc/rpc. A service name
in /etc/rpc corresponds to a unique RPC program number.

----------

Thanks,
Jibin Antony
0 Kudos
SoorajCleris
Honored Contributor

тАО10-25-2010 10:03 PM

тАО10-25-2010 10:03 PM

Re: Restricting showmount

Hi Mates,

Waiting for your suggestions!!!

:(

Regards,
Sooraj
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
SoorajCleris
Honored Contributor

тАО10-27-2010 06:49 PM

тАО10-27-2010 06:49 PM

Re: Restricting showmount

Hi Mates,

Waiting for your suggestions!!!

Regards,
Sooraj
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
SoorajCleris
Honored Contributor

тАО10-30-2010 09:40 AM

тАО10-30-2010 09:40 AM

Re: Restricting showmount

Hi,

I think it may be a difficult / time taking question.. I am closing this thread.

I got some hint , trying with IP Filter. Still I dont have the procedure. Once I found it , I would update the thread.

I am closing this thready as of now.

regards,
Sooraj
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
SoorajCleris
Honored Contributor

тАО10-30-2010 09:43 AM

тАО10-30-2010 09:43 AM

Re: Restricting showmount

Will update
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.