[olug] NFS
Tim & Alethea Larson
thelarsons3 at cox.net
Wed Jun 4 22:26:57 UTC 2008
Brian Roberson wrote:
> If you have sync'ed up all the UID's client and server, I would definately
> get rid of all that root mangling! I think (fuzzy solaris memory) but it
> defaults to squash root, and best practice is not to trust any remote root
> anyways ;-)
>
> Just as a quick test, change your dfstab to:
>
> share -F nfs -o rw=client1,client2,client3 -d "pkgsrc" /usr/pkgsrc
>
>
> and mount from the client. do an ls to wherever you mounted it (as a user
> with file permisions on the export) and just try to touch a file (touch
> /some/mount/point/foobar)
>
> One other thing to note is to ensure name resulitions works 100% (FQDN and
> Reverse) for whatever client's you put in your "rw" list.
After about 8 or 10 attempts, I was able to get it to work with this:
share -F nfs -o rw,root=charliebrown:franklin:shermy:schroeder:olaf -d
"pkgsrc" /usr/pkgsrc
Since the file perms are 755 root:root I guess I don't necessarily have
to have it ro to other users. Since I'm the only root on the allowed
machines, I think I can trust myself. :)
Tim
--
Tim & Alethea
christtrek.org
More information about the OLUG
mailing list