HPE Community
Operating System - HP-UX
1819678 Members
3385 Online
109605 Solutions
New Discussion юеВ

Allow root access to an NFS share from multiple clients

 
Tony Walker_2
Frequent Advisor

тАО04-11-2005 10:05 PM

тАО04-11-2005 10:05 PM

Allow root access to an NFS share from multiple clients

Hi Guys,

OK, so I know that I can use -root=server1:server2 etc to allow root from a specific NFS client to have root privileges... However, I want to set this for ANY client that may attach to this share. Is there some sort of -root=* equivalent I can use?

Cheers,

Tony
0 Kudos
Reply
6 REPLIES 6
harry d brown jr
Honored Contributor

тАО04-11-2005 11:22 PM

тАО04-11-2005 11:22 PM

Re: Allow root access to an NFS share from multiple clients


Just

chmod -R 777 directoryofnfsmount

effectively the same thing.

live free or die
harry d brown jr
Live Free or Die
0 Kudos
Reply
Tony Walker_2
Frequent Advisor

тАО04-12-2005 12:15 AM

тАО04-12-2005 12:15 AM

Re: Allow root access to an NFS share from multiple clients

I should explain. The FS being exported will contain users filesystems so I can't have that sort of permission set. I would just like to allow root to have root access only.

0 Kudos
Reply
harry d brown jr
Honored Contributor

тАО04-12-2005 12:34 AM

тАО04-12-2005 12:34 AM

Re: Allow root access to an NFS share from multiple clients

If you don't specifically specify hosts with -root=, then a user can masquerade as root and mount the NFS and have full privileges, so why not just make everything 777 ?

live free or die
harry d brown jr
Live Free or Die
0 Kudos
Reply
Tony Walker_2
Frequent Advisor

тАО04-12-2005 01:05 AM

тАО04-12-2005 01:05 AM

Re: Allow root access to an NFS share from multiple clients

This is true but I'm more prepared to take that risk than I am to just leave it wide open by default. I'm more interested in whether there is a way of implementing -root=*. If there is not then its back to the drawing board..

Thanks.
0 Kudos
Reply
harry d brown jr
Honored Contributor

тАО04-12-2005 01:07 AM

тАО04-12-2005 01:07 AM

Re: Allow root access to an NFS share from multiple clients

I haven't found anything that would allow that, though it would be "nice".

live free or die
harry d brown jr
Live Free or Die
0 Kudos
Reply
Florian Heigl (new acc)
Honored Contributor

тАО04-12-2005 01:17 AM

тАО04-12-2005 01:17 AM

Re: Allow root access to an NFS share from multiple clients

I'm also not a friend of using world-writeable permission, assuming that the remote hosts nfsd is running on a priveledged port, the chance of someone escalating his privileges is at least lower than is just anyone may access anything in any way.

but, to answer Your question: most unices would offer -maproot=root - but we don't have it. I'd recommend You to switch over to using a netgroup for this share:

/share -access=@clients -root=@clients with 'clients' being defined in /etc/netgroups. while this won't automatically set the root access, the result will be the same.

The worse way would be setting -anon=0 which would give root permissions to just anyone.
yesterday I stood at the edge. Today I'm one step ahead.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.