Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
limiting nfs r/w to specific user on specific ip
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5383

PostPosted: Sun Sep 27, 2015 7:55 pm    Post subject: limiting nfs r/w to specific user on specific ip Reply with quote

Greetings,

I want to setup a nfs server that will allow all hosts to read a mount and one host to r/w.
this is what I have below, according to all guides it will work (didn't had the chance to test it yet because the new server's hdd isn't here yet)
Code:

/mnt/nfs_exports                10.0.0.0/24(ro,all_squash,no_subtree_check) 10.0.0.6(rw,all_squash,no_subtree_check)

my question is, how can I add user validation?

Thanks.
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
kikko
Apprentice
Apprentice


Joined: 29 Apr 2014
Posts: 260
Location: Milan, IT

PostPosted: Mon Sep 28, 2015 8:27 pm    Post subject: Reply with quote

Hi DaggyStyle
this depends on NFS version you plan to use:
  • NFSv3 authentication is host-based, and it relies on a consistent user-UID mapping between client and server in order to manage permission properly
  • version 4 is a little more complex (IMHO :D ), but seems to have very nice security enhancements compared to its predecessor (ACLs, GSS-API et al. See this for further info)

There is plenty of howtos on how to add Super Duper Kerberos auth in NFSv4, maybe it suits your needs :wink:
Regards
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum