Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
how to give nfs share to only one particular user in that particular system.
that is for example if 192.168.0.5 has many users but i wanna make only one particular user to acces that share.
is it possible
if yes plz
You can't explicitly prevent ANY user from mounting the share.
What you can prevent is ANY user from being able to read/write to the share - to do this, you'll have to make the shared folder itself belong to the user you want to have access to it.
So in other words, if you have machine A, where the share is located; and machine B, from where it will be mounted/accessed; and you want only JoeSoap to be able to access the share - then the shared folder on machine A must belong to JoeSoap (that is, chown -R JoeSoap:JoeSoap /your/shared/folder).
It should be enough to specify a single client IP in the server's export options, then use filesystem permissions on the share to only allow a single UID access to the files. The security of that approach relies on:
a) Nobody being able to hijack the client's IP
b) Nobody being able to change UID on the client - i.e. your users don't have root access or access to each other's accounts, and if you're using a directory like LDAP for passwd info your users shouldn't be able to ldapmodify their UID.
If you're happy that those conditions are met, then you're good to go.
If you need better security, then you'll have to set up Kerberos and use that to authenticate the user.
in nfs server /etc/exports if i give the entry has /data 192.168.0.40/24(rw,no_root_squash)
now if a root user login to 192.168.0.40 and mount /data on /mnt
if a root user creates a files in /mnt then at server side that is in /data if i type ll
it is showing uid and gid are root and root its fine. But if other user in the system say sridhar creates the files in /mnt then on the server side the uid is showing as 500 which is sridhar,s uid and gid in the client.
now my question is i want in server side to reflect the name of user who is creating files in /data
what should i do.
Also if there are many users in 192.168.0.40 say ram tom sridhar etc. But i want to give access to nfs share only to user ram . then what entry should i write in /etc/exports file.
root is a common user that is present on all the Linux systems and its user id and group id remains same on all. And hence you can see that no matter from which system you create a file/folder as root it will have correct ownership because root user is present on both systems. If you want to centralize the user management, you should look for LDAP.