[MLUG] NFS all_squash

Nicholas Accad nicholas at accad.org
Wed Dec 31 11:26:53 EST 2008 

Last I checked, NFSv4 was only client side, not server side, at least for Linux
There is some experimental code for *BSD, but nothing in production.
So in the end it does not really matter, you still have to use NFSv3

-nick


On Tue, Dec 30, 2008 at 7:15 PM, Jean-Francois Theroux <jf at theroux.ca> wrote:
> I doubt you can. Few rules of thumb when dealing with NFS.
>
> 1. Use central source of authentication. By storing each users profiles
> in LDAP for instance, your users will always have the same UIDs across
> the network. If you don't, you end up having to deal with that manually.
> Making sure you keep the same UIDs, etc.
>
> 2. once step one is done you can think about moving up security a notch
> in your initial setup and go NFSv4 backed by Kerberos v5.
>
> 3. Make sure you use TCP. Lots of time I see it with UDP.
>
> hendrik at topoi.pooq.com wrote:
>> On Tue, Dec 30, 2008 at 05:08:32PM -0500, Stefan Monnier wrote:
>>>> I'm in the process of setting up and NFS server.  Simple enough, except
>>>> the all_squash isn't working. :-(
>>> [...]
>>>> # ls -l
>>>> -rw-rw-r--    1 10028 5011    497 2008-12-29 17:00 mirror.txt
>>>> -rw-rw-r--    1 10001 5011    401 2008-02-08 10:50 mirror.txt.bak
>>> You misunderstand all_squash: it does not affect the uid/gid info sent
>>> over from the server.  It only affects the uid/gid info sent from the
>>> client to the server (i.e. the server decides to override the uid/gid
>>> data sent by the client).
>>
>> Is there any way of specifying a list of (uid, uid) pairs to indicate
>> how translation of uids is done between systems?  If there is, I haven't
>> found it.
>>
>> -- hendrik
>> _______________________________________________
>> mlug mailing list
>> mlug at listserv.mlug.ca
>> https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
>
> --
> Jean-Francois Theroux
> IT Consultant
> http://theroux.ca
>
>
> _______________________________________________
> mlug mailing list
> mlug at listserv.mlug.ca
> https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
>
>

More information about the mlug mailing list