LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-19-2004, 03:57 PM   #1
Min Donner
LQ Newbie
 
Registered: Mar 2004
Posts: 6

Rep: Reputation: 0
Question Limit folder access in NFS


SUSe 9.0 Pro. Seriouse Newbie.

I want to setup NFS but I do not want everyone to access all the folders on the server. For instance, only some should be able to access the MIS folder, others the R&D folder. With Netware, I just create groups and assign folder rights to the group. How do I accomplish the same thing with NFS?
 
Old 08-20-2004, 01:00 AM   #2
idaho
Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: RedHat, Libranet
Posts: 438

Rep: Reputation: 30
You might want to take a look at this document:
http://www.linuxquestions.org/questi...ticle&artid=20
 
Old 08-20-2004, 07:40 AM   #3
Min Donner
LQ Newbie
 
Registered: Mar 2004
Posts: 6

Original Poster
Rep: Reputation: 0
I understand file permissions, but how does this apply to the server side? In Netware, the users ID is passed to the server at login. How does the Linux server know who is trying to access the folder?
 
Old 08-20-2004, 10:43 AM   #4
dcostakos
Member
 
Registered: Aug 2004
Posts: 44

Rep: Reputation: 15
NFS assumes that the UID of the user accessing the file on the client is the UID. So, if I'm a user on both systems and I have UID 500 on both the server and the client, everything is fine. But if I have differing UIDs, problems can occur.
 
Old 08-20-2004, 11:07 AM   #5
Min Donner
LQ Newbie
 
Registered: Mar 2004
Posts: 6

Original Poster
Rep: Reputation: 0
So I need to create a user on the server wih the same name as the user on the client? If the UID is different, I assume that needs to be changed. Does not sound like a very efficent way to run a server.

If i have three people starting the same day, their UIDs on their client will not match the UIDs on the server.
 
Old 08-20-2004, 11:35 AM   #6
dcostakos
Member
 
Registered: Aug 2004
Posts: 44

Rep: Reputation: 15
I agree with your frustration and I feel it too. More than that, NFS can be a security risk. An evil adminstrator with root privileges on a client that mounts your NFS shares can assume any UID on the client and create or modify files as that UID on the server. So, there are plenty things to think about above and beyond file and directory permissions.

I don't know what all your requirements are here, but I wonder if SAMBA is a better option for you? I have also done some experimenting with "shfs" (http://shfs.sourceforge.net/) -- though I don't really have enough experience with it yet to make informed comments or recommendations. I'd love to hear them if someone out there has some.
 
Old 08-20-2004, 01:40 PM   #7
idaho
Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: RedHat, Libranet
Posts: 438

Rep: Reputation: 30
You generally want to have centralized authentication (e.g., NIS) if you have centralized file serving.

dcostakos is correct about the dangers poised by an evil user who gets local root privileges. One possible approach is to export your sensitive directories only to specific clients.
 
Old 08-20-2004, 01:54 PM   #8
Min Donner
LQ Newbie
 
Registered: Mar 2004
Posts: 6

Original Poster
Rep: Reputation: 0
Honestly, my only requirment is to increase my skill set. I am trying to learn how this stuff works to make me more marketable. I suppose SAMBA is the way to go as i doubt there are many Linux only companies out there.

I tried to look into NIS but couldn't find anyhting at my level. "NIS for Dummies" would be nice. "NIS for the complete idiot" would be better.

Last edited by Min Donner; 08-20-2004 at 02:45 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Folder Max Size and Limiting SSH access to home folder. Mefistofeles Linux - General 4 11-26-2005 02:09 PM
user/folder size limit dfcc Linux - Software 5 10-08-2005 05:56 AM
problem sharing folder via NFS cdavidson Linux - Newbie 4 04-03-2005 08:39 PM
Size limit for folder gubak Linux - Newbie 3 11-11-2004 09:09 AM
limit folder size on server moby Linux - Networking 5 11-02-2004 03:18 PM


All times are GMT -5. The time now is 02:14 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration