HPE Community
Operating System - HP-UX
1846973 Members
4528 Online
110257 Solutions
New Discussion

/etc/exports access rights

 
SOLVED
Go to solution
Russell Boyd
Occasional Advisor

‎08-06-2002 07:48 AM

‎08-06-2002 07:48 AM

/etc/exports access rights

In /etc/exports you can limit (grant) access rights based on the options you supply it.

Given this entry. Is it legal syntax?
What is the effect of it?
What is the impact to 1) server2 users 2) user1 and 3) all other users.

/server/directory -rw=server2,user1,access=


Thanks,
Russell
He who does not slow down at the sight of a police car is probably parked!
0 Kudos
Reply
5 REPLIES 5
Thomas Schler_1
Trusted Contributor

‎08-06-2002 08:02 AM

‎08-06-2002 08:02 AM

Re: /etc/exports access rights

Russell,

it is not legal.

The option -rw is used to list a server or a list of servers. The list of servers must use the ':' sign as a field delimiter. If you want to restrict write permission to an user or a group of users, then you should use the file permission flags (see chmod(1)).

"access=" should be followed by a hostname or a netgroup or a list of one or the other. There should be no empty list.

See exports(4) for more.
no users -- no problems
Reply
Sajid_1
Honored Contributor

‎08-06-2002 08:05 AM

‎08-06-2002 08:05 AM

Solution

Re: /etc/exports access rights

hello,

1) The syntax is wrong. The ',' indicator should be used to specify different options only. If you want to specify multiple hostnames with '-rw' then use ':"

/server/directory -rw=server1:server2
2) Server2 will have read-write access and all others will have read-only.

3) There is no option called user1. See man exports for details
learn unix ..
Reply
Russell Boyd
Occasional Advisor

‎08-06-2002 08:11 AM

‎08-06-2002 08:11 AM

Re: /etc/exports access rights

Thomas,
Thanks for the reply. If you have access to the HP-UX System and Network Administration II class manual. Go to page 9-14 through 9-18. One of the examples they listed was this :

/home -root=hosta, access=

On page 9-18 they reference this:

"access=client[:client] Allows mount to the specified client or clients. A client can either be a host name or a netgroup. Each client in the list is first checked in the netgroup database. "

I am assuming that a host can be a workstation, server or person. Is that correct?

Russell
He who does not slow down at the sight of a police car is probably parked!
0 Kudos
Reply
Sajid_1
Honored Contributor

‎08-06-2002 08:33 AM

‎08-06-2002 08:33 AM

Re: /etc/exports access rights

hello,

again, a 'host' can be a server and a workstation, BUT not a person! the user level permissions can be set on the file systems/directories and not on the exports.

hth
learn unix ..
0 Kudos
Reply
Russell Boyd
Occasional Advisor

‎08-06-2002 08:40 AM

‎08-06-2002 08:40 AM

Re: /etc/exports access rights

Sajid,
Yes I realized that after I wrote that. It appears from what I am looking at that the "," is strictly for new options. And not for listing restictions down to a specific user. This can be accomplished through netgroups and maybe other ways as well.

Thanks to you and Thomas for helping work though this.

Russell
He who does not slow down at the sight of a police car is probably parked!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.