[lug] where are mount directory permissions set?
D. Stimits
stimits at idcomm.com
Wed Mar 22 18:20:51 MST 2000
Samartha wrote:
>
> I have a situation where a server program mounts a nfs file system from a
> Psion hand held computer under Linux over a serial line.
>
...snip...
>
> if ((mfp = setmntent(MTAB_PATH, "a")))
> addmntent(mfp, &mnt);
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Default nfs security requires that users and UID are the same on two
machines. Which means nfs might be easy to use to gain access that
shouldn't. By default, for this reason, nfs denies root access. You
can tell it not to do this. See "man exports". Here is an excerpt from
"man exports" (exports file is in /etc/):
nfsd bases its access control to files on the server machine on
the uid and gid provided in each NFS RPC request. The normal behav-
ior a user would expect is that she can access her files on the
server just as she would on a normal file system. This requires that
the same uids and gids are used on the client and the server
machine. This is not always true, nor is it always desirable.
Very often, it is not desirable that the root user on a
client machine is also treated as root when accessing files on the NFS
server. To this end, uid 0 is normally mapped to a different
id: the so-called anonymous or nobody uid. This mode of
operation
(called `root squashing') is the default, and can be turned off
with no_root_squash.
More information about the LUG
mailing list