[MLUG] NFS all_squash
Jean-Francois Theroux
jf at theroux.ca
Tue Dec 30 19:15:19 EST 2008
I doubt you can. Few rules of thumb when dealing with NFS.
1. Use central source of authentication. By storing each users profiles
in LDAP for instance, your users will always have the same UIDs across
the network. If you don't, you end up having to deal with that manually.
Making sure you keep the same UIDs, etc.
2. once step one is done you can think about moving up security a notch
in your initial setup and go NFSv4 backed by Kerberos v5.
3. Make sure you use TCP. Lots of time I see it with UDP.
hendrik at topoi.pooq.com wrote:
> On Tue, Dec 30, 2008 at 05:08:32PM -0500, Stefan Monnier wrote:
>>> I'm in the process of setting up and NFS server. Simple enough, except
>>> the all_squash isn't working. :-(
>> [...]
>>> # ls -l
>>> -rw-rw-r-- 1 10028 5011 497 2008-12-29 17:00 mirror.txt
>>> -rw-rw-r-- 1 10001 5011 401 2008-02-08 10:50 mirror.txt.bak
>> You misunderstand all_squash: it does not affect the uid/gid info sent
>> over from the server. It only affects the uid/gid info sent from the
>> client to the server (i.e. the server decides to override the uid/gid
>> data sent by the client).
>
> Is there any way of specifying a list of (uid, uid) pairs to indicate
> how translation of uids is done between systems? If there is, I haven't
> found it.
>
> -- hendrik
> _______________________________________________
> mlug mailing list
> mlug at listserv.mlug.ca
> https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
--
Jean-Francois Theroux
IT Consultant
http://theroux.ca
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
Url : /pipermail/mlug-listserv.mlug.ca/attachments/20081230/debd235f/attachment.pgp
More information about the mlug
mailing list