[OpenIndiana-discuss] nfs permission denied
James Carlson
carlsonj at workingcode.com
Tue May 8 18:03:23 UTC 2012
Tim Dunphy wrote:
> ok, thanks for the tips .. I'll do a little more reading on NFS so I
> can increase my understanding.
>
> but in the meantime, this seemed to do the trick!
>
> "zfs set sharenfs='rw,root=thebsdbox' tank/xen"
>
> [root at LBSD2:~] #touch /mnt/xen/test
> [root at LBSD2:~] #touch /mnt/xen/test2
> [root at LBSD2:~] #touch /mnt/xen/test3
> [root at LBSD2:~] #rm /mnt/xen/test
> [root at LBSD2:~] #rm /mnt/xen/test2
> [root at LBSD2:~] #rm /mnt/xen/test3
You'll definitely want to do some more reading about it. Allowing
remote root access via NFS isn't necessarily a very safe thing to do,
particularly with the default "we trust the peer's notion of UID/GID"
AUTH_SYS mode.
A better idea is to just live with the notion that one doesn't write to
files over NFS when running as root. Or, if you do it anyway, then make
sure the directory in which those files exist is world-writable so that
user "nobody" can write to them. Opening up root access isn't too
different from making everything world-writable.
If "nobody" isn't to your taste, you can set up "root_mapping=uid" to
change it to some other value.
See share_nfs(1M) and nfssec(5) for details.
--
James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
More information about the OpenIndiana-discuss
mailing list