Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Understanding local access to NFS export
Operating Systems Linux Red Hat Understanding local access to NFS export Post 302605550 by admin_xor on Wednesday 7th of March 2012 05:47:18 PM
Old 03-07-2012
As mark suggested adding the user bobsmith to anongid group will do what you want. But, if anongid is owner of other directories as well and if you don't want bobsmith to have a peek on those other directories, you could probably implement ACL locally. Note, that you may need to remount the filesystem with acl option if it's not already enabled in /etc/fstab.

Code:
setfacl -m d:u:bobsmith:rwx /export/foobar

 

10 More Discussions You Might Find Interesting

1. HP-UX

nfs export permissions

Hello, If I have an export like: /usr/temp -rw=ram:alligator means that /usr/temp has "rw" permissions to ram and alligator machines and has "ro" to everyone else? (1 Reply)
Discussion started by: psimoes79
1 Replies

2. Filesystems, Disks and Memory

NFS export filesystem with several partitions

I want to export the file system which consist of several partition. For example I export / and there are /home, /usr partitions. On client side I can see all files in /, but /home and /usr are empty. So far I failed to find the way to make other partitions visible in one mount. :confused: Of... (2 Replies)
Discussion started by: fmtu2005
2 Replies

3. Filesystems, Disks and Memory

Local NFS import / re-export using automount?

Hi, Can I do the following: On SunOS 5.8 /etc/vfstab: remote-host:/Volumes/webdata - /export/home/webdata nfs - yes rw,vers=3,soft,intr,bg,timeo=600 In /etc/auto_direct: /home/science $HOST:/export/home/webdata/science /home/science-edu ... (2 Replies)
Discussion started by: bloyall
2 Replies

4. Solaris

Could I re-export a NFS resource to a third server ?

Hey Guys. Could someone said if is possible take a NFS resource get it from a original Server a export it and mount it in a third server ? Thank in Advace.... SUN ADMIN (3 Replies)
Discussion started by: aggadtech08
3 Replies

5. Solaris

nfs export not working at boot

we have a Solaris 8 nfs server that exported two shares. entries are in /etc/dfs/dfstab. clients have been accessing these shares for several years. we just rebooted this nfs server and noticed that no share gets exported. I don't see relevant messages from dmsg nor messages file, is there... (6 Replies)
Discussion started by: jalite19
6 Replies

6. AIX

nfs export

Hi How to export a file system from my aix box named ABC in such a way that everyone on the network should be able to import it When on the client side if they give showmount -e ABC it should show like this: # showmount -e ABC export list for ABC: /sybase/software (everyone) (2 Replies)
Discussion started by: newtoaixos
2 Replies

7. Red Hat

CIFS share re-export NFS

Hi Guys, need help here. i have windows server that share a folder C:/ABCDE i configure samba client in Linux server as /EDCBA and it working fine. then i want to share this /EDCBA to another Linux server using NFS. in the /etc/exportfs i have put /EDCBA - *(rw,no_root_squash) ... (1 Reply)
Discussion started by: prossits
1 Replies

8. AIX

CIFS share re-export NFS

Hi Guys, need help here. i have windows server that share a folder C:/ABCDE i configure samba client in AIX server as /EDCBA and it working fine. then i want to share this /EDCBA to another AIX server using NFS. in the /etc/exportfs i have put /EDCBA... (1 Reply)
Discussion started by: prossits
1 Replies

9. Shell Programming and Scripting

Problem in understanding export uses

i am beginner in shell scripting. not able to understand what below line will do. PS1=${HOST:=Žuname -nŽ}"$ " ; export PS1 HOST below is the script #!/bin/hash PS1=${HOST:=Žuname -nŽ}"$ " ; export PS1 HOST ; echo $PS1 and i getting the below output Žuname -nŽ$ (25 Replies)
Discussion started by: scriptor
25 Replies

10. Red Hat

NFS share full access for local user

Hi All, Is it possible to give full access for a normal user in a NFS share? If its not possible is there a trick with which I can make it work? Thanks in advance Shyam (1 Reply)
Discussion started by: shyam2j
1 Replies

LEARN ABOUT X11R4

getfacl

getfacl(1)							   User Commands							getfacl(1)

NAME

       getfacl - display discretionary file information

SYNOPSIS

       getfacl [-ad] file...

DESCRIPTION

       For  each  argument  that is a regular file, special file, or named pipe, the getfacl utility displays the owner, the group, and the Access
       Control List (ACL).  For each directory argument, getfacl displays the owner, the group, and the ACL and/or the default ACL. Only  directo-
       ries contain default ACLs.

       The getfacl utility may be executed on a file system that does not support ACLs. It reports the ACL based on the base permission bits.

       With no options specified, getfacl displays the filename, the file owner, the file group owner, and both the ACL and the default ACL, if it
       exists.

OPTIONS

       The following options are supported:

       -a	Displays the filename, the file owner, the file group owner, and the ACL of the file.

       -d	Displays the filename, the file owner, the file group owner, and the default ACL of the file, if it exists.

OPERANDS

       The following operands are supported:

       file	The path name of a regular file, special file, or named pipe.

OUTPUT

       The format for ACL output is as follows:

       # file: filename
       # owner: uid
       # group: gid
       user::perm
       user:uid:perm
       group::perm
       group:gid:perm
       mask:perm
       other:perm
       default:user::perm
       default:user:uid:perm
       default:group::perm
       default:group:gid:perm
       default:mask:perm
       default:other:perm

       When multiple files are specified on the command line, a blank line separates the ACLs for each file.

       The ACL entries are displayed in the order in which they are evaluated when an access check is performed. The default ACL entries that  may
       exist on a directory have no effect on access checks.

       The  first three lines display the filename, the file owner, and the file group owner. Notice that when only the -d option is specified and
       the file has no default ACL, only these three lines are displayed.

       The user entry without a user ID indicates the permissions that	are granted to the file owner. One or more additional user  entries  indi-
       cate the permissions that are granted to the specified users.

       The  group  entry  without  a  group  ID  indicates the permissions that  are granted to the file group owner. One or more additional group
       entries indicate the permissions that  are granted to the specified groups.

       The mask entry indicates the ACL mask permissions. These are the maximum permissions allowed to any user entries except the file owner, and
       to any group entries, including the file group owner. These permissions restrict the permissions specified in other entries.

       The other entry indicates the permissions that are granted to others.

       The  default entries may exist only for directories. These entries indicate the default entries that are added to a file created within the
       directory.

       The uid is a login name or a user ID if there is no entry for the uid in the system password file, /etc/passwd. The gid is a group name	or
       a group ID if there is no entry for the gid in the system group file, /etc/group. The perm is a three character string composed of the let-
       ters representing the separate discretionary access rights: r (read), w (write), x (execute/search), or the place holder character  -.  The
       perm is displayed in the following order: rwx. If a permission is not granted by an ACL entry, the place holder character appears.

       If   you  use the chmod(1) command to change the file group owner permissions on a file with ACL entries, both the file group owner permis-
       sions and the ACL mask are changed to the new permissions. Be aware that the new ACL mask permissions may change the effective  permissions
       for additional users and groups who have ACL entries on the file.

       In  order  to  indicate	that  the  ACL mask  restricts an ACL entry, getfacl displays an additional tab character, pound sign (#), and the
       actual permissions granted, following the entry.

EXAMPLES

       Example 1: Displaying file information

       Given file foo, with an ACL six entries long, the command

       host% getfacl foo

       would print:

       # file: foo
       # owner: shea
       # group: staff
       user::rwx
       user:spy:---
       user:mookie:r--
       group::r--
       mask::rw-
       other::---

       Example 2: Displaying information after chmod command

       Continue with the above example, after chmod 700 foo was issued:

       host% getfacl foo

       would print:

       # file: foo
       # owner: shea
       # group: staff
       user::rwx
       user:spy:---
       user:mookie:r--	   #effective:---
       group::---
       mask::---
       other::---

       Example 3: Displaying information when ACL contains default entries

       Given directory doo, with an ACL containing default entries, the command

       host% getfacl -d doo

       would print:

       # file: doo
       # owner: shea
       # group: staff
       default:user::rwx
       default:user:spy:---
       default:user:mookie:r--
       default:group::r--
       default:mask::---
       default:other::---

FILES

       /etc/passwd     system password file

       /etc/group      group file

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       chmod(1), ls(1), setfacl(1), acl(2), aclsort(3SEC), group(4), passwd(4), attributes(5)

NOTES

       The output from getfacl is in the correct format for input to the setfacl -f command. If the output from getfacl is redirected to  a  file,
       the file may be used as input to setfacl. In this way, a user may easily assign one file's ACL to another file.

SunOS 5.10							    5 Nov 1994								getfacl(1)
All times are GMT -4. The time now is 10:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy