Operating System - Linux
1745826 Members
3838 Online
108722 Solutions
New Discussion юеВ

Limiting Access to NFS mounts

 
SOLVED
Go to solution
Andrew Kaplan
Super Advisor

Limiting Access to NFS mounts

Hi there --

I have set up the exporting of filesystems on a particular server. What I want to do now is limit the access to the filesystems to one system. The exports file that I have in place has the following syntax:

/home/nohadani (sync,rw,root_squash)
/media/disk/nohadani (sync,rw,root_squash)

The problem that I am having is I am able to mount the directories in question from a remote host other than the one specified in the exports file. What other configuration steps do I need in order to limit access to the NFS mounts exclusively to the host listed in exports? Thanks.
A Journey In The Quest Of Knowledge
6 REPLIES 6
Stuart Browne
Honored Contributor
Solution

Re: Limiting Access to NFS mounts

You need to re-export the exports file:

exportfs -ra
One long-haired git at your service...
Dave Olker
HPE Pro

Re: Limiting Access to NFS mounts

Hi Andrew,

Another thing to check is to make sure there is no space between the hostname and the open parenthesis. In other words, some Linux variants treat this string:

/media/disk/nohadani (sync,rw,root_squash)

differently from:

/media/disk/nohadani (sync,rw,root_squash)

Note the blank space between and '('. Once you have the /etc/exports syntax correct, be sure to issue the "exportfs -av" command as previously suggested.

Regards,

Dave
I work for HPE

[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
Andrew Kaplan
Super Advisor

Re: Limiting Access to NFS mounts

Hi there --

Thanks for the help. When I ran the exportfs -rav command, the output indicated the hostname was not recognized. Most likely this is due to some DNS error.

To expedite matters, I replaced the hostname with the ip address of the system in question, and reran the exportfs -rav command again. There were no errors in the output, and a subsequent test on a remote system other than the one in question resulted in a permission denied message, which is what was supposed to happen.

Thanks again for the help.
A Journey In The Quest Of Knowledge
Ivan Ferreira
Honored Contributor

Re: Limiting Access to NFS mounts

Remember that NFS uses tcpwrappers, and you can also use hosts.allow, hosts.deny files to limit access to NFS services.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Andrew Kaplan
Super Advisor

Re: Limiting Access to NFS mounts

Hi there --

I need to edit the original message. Is there a way I can do so? Thanks.
A Journey In The Quest Of Knowledge
Dennis Handly
Acclaimed Contributor

Re: Limiting Access to NFS mounts

>I need to edit the original message. Is there a way I can do so?

No. If there is a security/privacy issue because you have that in your text, you could ask the moderators to remove it. But not for some simple typos. You can just correct it in a reply.

For moderator requests, there is a monthly thread in: Your questions regarding ITRC Forums > general: March/April 2009 Issues Requiring Moderator Intervention
http://forums.itrc.hp.com/service/forums/questionanswer.do?threadId=1318758