Electronic Books

If that method is not convenient, user IDs can be mapped in many other ways. Here are some
methods of setting user permissions and the /etc/exports option that you use for each method:
 root user??”The client??™s root user is generally mapped into the nfsnobody username
(UID 65534). This prevents a client computer??™s root user from being able to change all
files and directories in the shared file system. If you want the client??™s root user to have
root permission on the server, use the no_root_squash option.
There may be other administrative users, in addition to root, that you want to squash. I
recommend squashing UIDs 0??“99 as follows: squash_uids=0??“99.
 nfsnobody user/group??”By using the nfsnobody username and group name, you essentially
create a user/group with permissions that do not allow access to files that belong to
any real users on the server, unless those users open permission to everyone. However,
files created by the nfsnobody user or group are available to anyone assigned as the
nfsnobody user or group. To set all remote users to the nfsnobody user/group, use the
all_squash option.
The nfsnobody user is assigned to UIDs and GIDs of 65534 to prevent the ID from running
into a valid user or group ID. Using the anonuid or anongid option, you can change the
nfsnobody user or group, respectively.


Pages:
1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313