BladeSystem Forums have moved here
To make BladeSystem information easier to find, we have moved the BladeSystem forums here, to Servers and Operating Systems.
System Administration
Showing results for 
Search instead for 
Do you mean 

Can NFS Share be mounted on a client that doesnt have any persmission to the share???

SOLVED
Go to Solution
Highlighted
Regular Advisor

Can NFS Share be mounted on a client that doesnt have any persmission to the share???

HP-UX Gurus:

 

I want to share one of my filesystems via NFS with a Server B. However, I notice that on Server C which is not mentioned DFS tab, I am able to mount the same share in Read Only mode. I was under the impression,  the shared  filesystem shouldn't be able to be mounted on other Server - other than the one(s) mentioned in the DFS stab. Isn't this serious security violation?

 

Either I have understood this incorrectly or there is something more to the syntax in the /etc/dfs/dfstab file.

 

My /etc/dfs/dfstab entry on master server SERVERA

share -F nfs -o root=SERVERB,rw=SERVERB /home/USERA

 

 

Why am I able to mount it on a server (SERVERC) that is not mentioned in the Master server’s /etc/dfs/dfstab?

 

root@SERVERC:# mount SERVERA:/home/USERA /test

root@SERVERC:# bdf -t nfs

Filesystem          kbytes    used   avail %used Mounted on

SERVERC:/home/USERA

                   1048576   39544 1001160    4% /test

root@SERVERC:#

2 REPLIES
HPE Pro

Re: Can NFS Share be mounted on a client that doesnt have any persmission to the share???

# man share_nfs

 

rw=access_list


Sharing will be read-mostly to clients in
access_list. Read-mostly means read-write to
those clients specified and read-only for all
other systems. If sec= option is provided,
sharing will be read-write to the clients listed
in access_list; overrides the ro suboption for the
clients specified.

 

If you want to restrict access to the filesystem to ONLY those clients listed in the rw= list then you need to combine the rw= option with the sec= option.  In your case it would look something like this:

 

share -F nfs -o root=SERVERB,rw=SERVERB,sec=sys /home/USERA

 

Dave

Regular Advisor

Re: Can NFS Share be mounted on a client that doesnt have any persmission to the share???

Dave:

 

You are the man!! sec=sys is just what I was looking for. I tested it out and I am unable to mount it on a server that is not specified in the dfstab file. Thanks for taking the time and getting back to me. I appreciate the help.

 

-Kennedy