NFS share options - SUN Solaris

psimoes79 · #1 (**permalink**) 10-01-2007

Hello,

I'm doing a Perl script to parse the dfstab file and find dangerous configurations (rw to everyone, root access, etc). My question is, if I have a share command like this:

Code:

share -F nfs -o ro=chrome:copper:zinc,root=chrome /usr/man

it means that the /usr/man is "rw" to everyone (because "rw" isn't present) or the "ro" overwrites the default "rw" option? I'm a little confused on these details, could someone give me some lights?

Thanks.

porter · #2 (**permalink**) 10-01-2007

and nfs share of rw isn't necessarily dangerous, as it may be appropriate for clients to write to servers. the user/group/read/write/execute attributes are still respected, however you need to confirm that there is a one to one mapping for uids and gids between server and all clients.

the "root=" means that the root from server chrome will be allowed root access to this share. This would typically be used for diskless clients.

psimoes79 · #3 (**permalink**) 10-01-2007

Well, I think I was not explicit enough. With that share options, it means that /usr/man is rw to everyone due to the absent of rw in the options configuration? Or the ro option overwrites the default rw behaviour? It's the same having this:

Code:

share -F nfs -o ro=chrome:copper:zinc,root=chrome /usr/man

or this:

Code:

share -F nfs -o ro=chrome:copper:zinc,root=chrome,rw /usr/man

?

Nevermind the other options, they're there just as an example.

porter · #4 (**permalink**) 10-01-2007

A share is read/write unless the read only option is changes it.

Code:

                ro    Sharing will be read-only to all clients.

                ro=access_list
                      Sharing will be read-only  to  the  clients
                      listed  in  access_list;  overrides the  rw
                      suboption for the  clients  specified.  See
                      access_list below.

UNIX man pages : share_nfs (1M)

psimoes79 · #5 (**permalink**) 10-01-2007

But the order matters? For example:

Code:

share -F nfs -o rw=chrome,ro=chrome /usr/man

and

Code:

share -F nfs -o ro=chrome,rw=chrome /usr/man

I think in the 1st the ro overwrite the rw and in the 2nd vice-versa. Right?

porter · #6 (**permalink**) 10-01-2007

Quote:

Originally Posted by psimoes79

I think in the 1st the ro overwrite the rw and in the 2nd vice-versa. Right?

1. try it

2. it *may* be undefined behaviour,

however the doc says "ro" overrides "rw".

reborg · #7 (**permalink**) 10-01-2007

The most restrictive permissions apply, in this case it will be ro.

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
how i can share from fc5 folder	sadiquep	Linux	0	04-07-2007 02:25 PM
how to share filesystem	eykyn17	HP-UX	0	03-20-2007 09:36 AM
Which Files To Share WIth CSM?	MyMateDave	AIX	0	03-23-2006 02:24 AM
Share CD-Writer	Sergiu-IT	UNIX for Dummies Questions & Answers	2	05-12-2005 10:22 AM
How can I share dir	Z0DiaC	UNIX for Dummies Questions & Answers	4	08-28-2001 11:46 PM

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode