Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
This is not a problem as such - it is more my trying to build up my knowledge of how Linux works.
I have a Server that shares a folder via both SMB and NFS.
I can access the folder, via SMB, on either a Linux or Windows PC and need to give a password first.
However, on the Linux PC only, I can mount the folder, via NFS, and it just seems to work.
I have tried to Google why and it seems the difference is that SMB is password-based. However, in contrast, it seems that NFS is host-based and thus no password is needed on the client side.
I would be really grateful if someone could explain what "host-based" means in this situation?
Distribution: Ubuntu based stuff for the most part
Posts: 1,177
Rep:
If you do need to limit access to files on the NFS share, then you need to change the permissions of the file's owner to a different user ID.
Usually this is done when using NFS with NIS. NIS is like an old UNIX version of Active Directory before MS copied it and made AD. Each user would have a different user ID and thus only be ably to access the directory they owned on the NFS server.
If you do need to limit access to files on the NFS share, then you need to change the permissions of the file's owner to a different user ID.
Usually this is done when using NFS with NIS. NIS is like an old UNIX version of Active Directory before MS copied it and made AD. Each user would have a different user ID and thus only be ably to access the directory they owned on the NFS server.
OK - let me see if I understand this, with a real-life example.
I am running an Openmediavault Server, with an NFS share called "Media" - any ip address, on my network, is allowed to mount this folder.
My Linux Desktop is set up in the name of "john", so I assume that if I mount this folder and create a new file, it will be set up with an owner of "john".
Does that mean that if I change permissions, on that file, to chmod 755, only someone using my Linux PC (signed in as "john") can then modify the file?
Distribution: Ubuntu based stuff for the most part
Posts: 1,177
Rep:
I should have clarified that the file permissions need to be set on the NFS server, not by any system that connects to it, for proper control. Try creating a file on the share as root from your desktop and it should complain.
The NFS server will consult it's /etc/passwd, or the NIS server, for the user ID and allow or deny access to the file or directory accordingly. So in your example, anyone that connects to the share will be able to see the file you made, and if the user ID matches then make changes. The file is not owned by 'john' but by a user ID that also has a name.
The downside to NFS shares now days is that the first user ID on a new Linux system is usually 1000, so any Linux system running with a user with that ID will get access to all the files owned by that ID if it is allowed to connect to the NFS share. Back in the old UNIX days it was not an issue since there was only the one server on site that users had access rights to, and security was not something to worry about.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.