How to configure NFS properly without using no_root_squash?
Hi guys,
I have two home computers with Ubuntu 11.04 on it. My desktop PC (let's call it "server") and my laptop (let's call it "client").
What I'd like to do now is export a directory on the server via NFS and mount it as a network share on the client using "mount" and NFS. So far so good. Now comes the problem.
In order to use "mount" on the client I have to do a lovely "sudo". However, when I do that, I merely get read-only access to the exported directory and each time I want to copy a file to the directory the client tells me "no permission". I do have exported the directory with the "rw"-option, though.
The problem seems to be that whenever you mount a NFS directory as client-user "root" (which I can't avoid when using "sudo"), the server automatically maps that to the server-user "nobody" for security purposes. There seems to be a "no_root_squash"-option for the NFS server to prevent that, but it's not recommended - again due to security issues.
So what's the proper way to export a directory? Should the exported directory be owned by the server-user "root" or by some other user? How does the client get write permission in the exported directory when using sudo? Or is there a way without using sudo?
Here's my server's /etc/exports:
========
/exports/data_pool 192.168.3.0/255.255.255.0(rw,sync)
========
TIA for all your help,
Blackhole
|