nfs access for anonymous uid

nfs access for anonymous uid

Post by Michael Wern » Wed, 17 Mar 1993 13:20:41



If you export a filesystem with anon=-1 what checks are done when
(1) uid=0 user  tries to mount the exported directory on a remote machine
(2) a user with uid != 0 tries to read/write nfs mounted directory

--
Yours,

Mike

----------------------------------------------------------------------------
+                                                                          +
+    *            *                     Michael Werner                     +

+      *        *                       Theoretical Quantum Optics,        +
+       -------                         Department of Physics,             +
+      *       *                        University of Queensland.          +
+     *         *                       St. Lucia. 4072. Australia         +
+    *           *                                                         +
+                                                                          +  
----------------------------------------------------------------------------

 
 
 

nfs access for anonymous uid

Post by Barry Margol » Thu, 18 Mar 1993 10:05:37



>If you export a filesystem with anon=-1 what checks are done when
>(1) uid=0 user  tries to mount the exported directory on a remote machine

The "anon" option has no effect at mount time, only when files/directories
are accessed.  Mountd doesn't look at the uid of the requester; it only
looks at the host name (to check it against the "access" option) and the
source port# (to verify that the client is using a privileged port, unless
the -n option was given).

Quote:>(2) a user with uid != 0 tries to read/write nfs mounted directory

It checks that the uid/gid has permission to read/write that directory.
The anon option has no effect on requests with uid != 0.

--
Barry Margolin
System Manager, Thinking Machines Corp.



 
 
 

nfs access for anonymous uid

Post by Kartik Subbar » Thu, 18 Mar 1993 01:27:35



>If you export a filesystem with anon=-1 what checks are done when
>(1) uid=0 user  tries to mount the exported directory on a remote machine

anon has nothing to do with the mount protocol. In fact, there's no way for
the NFS server to know that the userid of the person mounting the exported
directory is in fact 0, or whether that system even HAS userids in the
first place. In short, there's no difference.

Quote:>(2) a user with uid != 0 tries to read/write nfs mounted directory

Normal UNIX permissions apply here, except that all "root" accesses (those
that are advertised as having the uid of 0), will be mapped to -1. And from
there onwareds, normal UNIX permissions apply.

        -Kartik

 
 
 

nfs access for anonymous uid

Post by Benjamin Z. Goldste » Sat, 20 Mar 1993 14:33:16




>>If you export a filesystem with anon=-1 what checks are done when
>>(1) uid=0 user  tries to mount the exported directory on a remote machine
>The "anon" option has no effect at mount time, only when files/directories
>are accessed.  Mountd doesn't look at the uid of the requester; it only
>looks at the host name (to check it against the "access" option) and the
>source port# (to verify that the client is using a privileged port, unless
>the -n option was given).

      I think that depends on the mountd you are using.  Our VAX/VMS
using UCX certainly checks the UID.
--
Benjamin Z. Golds*
 
 
 

1. Anonymous FTP access from non-anonymous account

Does anybody know of a way to limit the access for a non-anonymous ftp
user similar to that of an anonymous ftp user?  For example, they can log
in, but we don't want them to go outside of a certain directory - like
how anonymous ftp works, just without using the account "anonymous".

If this is in the FAQ - forgive the waste of bandwidth.  Thanks in
advance!

--
_______________________________________________________________________________
                "Yes, you are correct.  I am bored"

Network/Unix/PC Admin                                (319) 395-4542
Rockwell International Corp.

2. Old question perhaps - Diamond Stealth xf86congif file

3. Anonymous ftp: 550: can't set uid

4. Optra R

5. UID / effective UID problem

6. METAHTML

7. User Ids (uid) > 65k or 32 bits uids

8. logging problems to 2.6

9. effective UID vs. Real UID with su - problem

10. setuid to a non-root uid for both effective&real uid

11. NFS and UIDs/GIDs

12. NFS & UID's

13. linux to UnixWare NFS with UID