It tells that any user that would be mapped to the NFS anonymous user is actually mapped to root will all the security issues that this imply. Anyone being root is normally mapped to anonymous to prevent abuse. This setting is telling remote users logged as root will keep their access rights on the share. You might want to limit the read/write access to a list of well known servers.
And always mount the file system with the "nosuid" option.
---------- Post updated at 02:26 PM ---------- Previous update was at 02:19 PM ----------
If the problem is with NFSv4 and you still want to try the "root=@..." option, try mounting the file system as NFSv3:
If that works, you can just change /etc/default/nfs on all your hosts to set the max NFS version to 3. In my experience, NFSv4 is often more trouble than it's worth.
(And if you ever deal with large files - bigger than 2gb - ALWAYS do what's necessary to make sure NFS clients can not mount NFSv2, which isn't large-file-aware. I've actually seen two cases where the version negotiation when a file system was mounted failed back to version 2, making files larger than 2gb "invsible". Either modify /etc/default/nfs to remove version 2 as the minimum option by making it 3, or specify the version you want in your mount options.)
Hi Friends,
I have problem using VI on my NFS as a user. But root does not.
When I tried to vi .cshrc, I have this error msg pops out
jennifer_hostname > vi .cshrc
"/var/tmp/Ex???? : Permission Denied"
jennifer_hostname >
Does any of you encounter this problem before or... (4 Replies)
I'm new to *nixs and I decided to start with FreeBSD.
I downloaded the ISO and installed it successfully, and managed to log in as root.
Now everytime I try to enter into a directory ( I think thats what Im doing) such as /etc or /usr I always will get a permission denied.
Any help is... (2 Replies)
Hi,
I have created symlink under /.
It is /latest Pointing to /home/users/neel_prog_V1.0.
(Note: I have created this symlink so that when version get changed I will need to change only symlink instead of doing changes in /etc/exports.)
I have shared this symlink with NFS. in /etc/exports I... (0 Replies)
Hi,
- I have two solaris 10 servers. One is running nfs server (let's call it server-1) and has a share set through /etc/dfs/dfstab file:
share -F nfs /opt/SHARE (where SHARE directory contains sub-items that I want to share)
- On server-1, I have started the nfs server service and have... (2 Replies)
I am trying to tidy our server and write cron to keep it tidy.
We took on a third party to do some work last year. They were given their own UID/pwd so that they would have limited access. Part of what they wrote created an archive file at the end of every day.
A year on and we don't want... (1 Reply)
I think I must be drain bamaged...
I'm just trying to export an NFS share and mount it on a client. Should be really easy but I'm failing!
Here's the set up:
Server:
OS: Centos 5.3
Name: fileprint-0 (aliases fp00, fs00)
Exported directory: /home/ESE
Client:
OS: Centos 5.3
... (5 Replies)
I have two servers, 82 and 70.
My exports file on 82 reads
/ ...70(rw)
on 70 I have a mountpoint called mnt_for_82
I execute on 70
mount -t nfs -o rw ...82:/ mnt_for_82
I go to server 70 and indeed can read and travers the mounted subdirectories. However, I try... (0 Replies)
Just installed apache 2.2.17 and I can start up the httpd server without any errors. However when I try to access my scripts in /cgi-bin/ I'm getting the following error in error_log:
Can't open perl script "/usr/local/apache2/cgi-bin/ldapsearch.cgi": Permission denied
Premature end of... (4 Replies)
nfs mount: Permission denied
Guy's
in Solaris 9 I'm trying to mount the below mount point as nfs in clinet
mount -F nfs -o rw 171.13.10.20:/shared /app
but I'm getting the below message !!!
bash-2.05# mount -F nfs -o rw 171.13.10.20:/shared /app
nfs mount:... (2 Replies)
Hi
I am administrator in unix
I want make backup folder and file in root directory
I use instruction Cp -r , But the system pear problem
cp: cannot create regular file : Permission denied
Can someone explain me what am I doing wrong??? please...
find other instruction backup folder... (1 Reply)
Discussion started by: xactor
1 Replies
LEARN ABOUT SUNOS
mountd
mountd(1M)mountd(1M)NAME
mountd - server for NFS mount requests and NFS access checks
SYNOPSIS
/usr/lib/nfs/mountd [-v] [-r]
mountd is an RPC server that answers requests for NFS access information and file system mount requests. It reads the file
/etc/dfs/sharetab to determine which file systems are available for mounting by which remote machines. See sharetab(4). nfsd running on the
local server will contact mountd the first time an NFS client tries to access the file system to determine whether the client should get
read-write, read-only, or no access. This access can be dependent on the security mode used in the remoted procedure call from the client.
See share_nfs(1M).
The command also provides information as to what file systems are mounted by which clients. This information can be printed using the show-
mount(1M) command.
The mountd daemon is automatically invoked by share(1M).
Only super user can run the mountd daemon.
The options shown below are supported for NVSv2/v3 clients. They are not supported for Solaris NFSv4 clients.
-r Reject mount requests from clients. Clients that have file systems mounted will not be affected.
-v Run the command in verbose mode. Each time mountd determines what access a client should get, it will log the result to the con-
sole, as well as how it got that result.
/etc/dfs/sharetab shared file system table
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWnfssu |
+-----------------------------+-----------------------------+
nfsd(1M), share(1M), share_nfs(1M), showmount(1M), nfs(4), sharetab(4), attributes(5)
Since mountd must be running for nfsd to function properly, mountd is automatically started by the svc:/network/nfs/server service. See
nfs(4).
Some routines that compare hostnames use case-sensitive string comparisons; some do not. If an incoming request fails, verify that the case
of the hostname in the file to be parsed matches the case of the hostname called for, and attempt the request again.
27 Apr 2005 mountd(1M)