HPE Community
Operating System - HP-UX
1824189 Members
5173 Online
109669 Solutions
New Discussion юеВ

Using NFS

 
David Harwood
Occasional Advisor

тАО04-21-2010 06:14 AM

тАО04-21-2010 06:14 AM

Using NFS

Hi,

Hope the following makes sense...

Can anybody advise as to whether it's possible to use the automounter to mount NFS shares on demand, but stop non-root users manually mounting remote filesystems under /net? The auditors are complaining.

Thanks in advance.
0 Kudos
4 REPLIES 4
Rita C Workman
Honored Contributor

тАО04-21-2010 06:35 AM

тАО04-21-2010 06:35 AM

Re: Using NFS

A simple [ man automount ] will tell you that you can.

But...quoting the manpage on mount:

mount() can be invoked only by a user who has appropriate privileges.

You might need to consider securing things down a bit more.
For example, we run alot of SAMBA/CIFS file system shares. We deliberately set these up open to all interal users, so anybody on Windows could map to these. But the SAMBA shares we want secured we locked down to only those few users who have rights to these mountpoints.
Now for our HPUX NFS mounts, we actually have very very few of these and they are controlled by the HP Admin's only, with permissions accordingly.

Not sure if that helps...but not surprised that the auditors are complaining.

Rgrds,
Rita
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО04-22-2010 12:47 AM

тАО04-22-2010 12:47 AM

Re: Using NFS

>but stop non-root users manually mounting remote filesystems under /net?

I wasn't aware they could manually mount. But the automounter will mount under /net/.
0 Kudos
David Harwood
Occasional Advisor

тАО04-22-2010 02:16 AM

тАО04-22-2010 02:16 AM

Re: Using NFS

Good point well made - spotted that the auditors had been created an account for their audit purposes with sudo set up. Non-root can't mount. Spent the last day looking into a non-problem.

"mount: must be root to use mount"

Thanks all for your reponses.
0 Kudos
David Harwood
Occasional Advisor

тАО04-22-2010 02:18 AM

тАО04-22-2010 02:18 AM

Re: Using NFS

Thanks all
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.