SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
As I recently bought a netbook, I decided to turn my desktop into a home server to let all my roommates have access to music and movies over the network. I've just started the setup of the server. Then, I came across a problem
Following the instructions regarding NFS from here and the man page of hosts.deny from here (why don't we have that man page?), I created something like this:
(Although they're all mounted under /home, those are three separate partitions).
/etc/hosts.deny
Code:
ALL:ALL
/etc/hosts.allow
Code:
ALL:my_ip_address
I restarted /etc/rc.d/rc.rpc and created a mount point for it in Dolphin. When I got there, I learned that I was not only able to browse through the directories I allowed access to, but to _all_ of the directories under /home.
Why did that happen? I assume that is because my /etc/hosts.allow is too permissive. Is my only alternative to set an allow rule in a per-daemon basis? I can easily test that. All I have to do is create a dummy user in both systems and change my ip address in the client side.
allow access for your roommates, not just yourself
Well, as far as I can tell, so far you have not allowed any access for your roommates... only access for yourself...
If you do not have a dns server on your home LAN, then what you should do is set up /etc/hosts to identify all the hosts and their corresponding ip addresses in your LAN; then you can allow access in /etc/exports based on host names... however ip addresses work as well...
but in your /etc/exports file, you have a line like
Code:
/home/videos my_ip_address(rw)
this only allows access to /home/videos to your ip address, and I'm guessing you already have access to your own system, and thus you can read and write to everything, and not just the directories you wish to export...
my /etc/exports has a line like so:
Code:
/home/slacinthebox/flix *(rw,no_subtree_check)
the above line lets all hosts access my "flix" directory, regardless of hostname and ip address... but I could replace the "*" with a specific host name or ip address if I wanted to be more restrictive...
likewise, in /etc/hosts.allow, you only allowed your own ip address. If you were to substitute your roommates' ip addresses or host names, then you would be up and running
Well, as far as I can tell, so far you have not allowed any access for your roommates... only access for yourself...
Thank you very much for your reply, slac-in-the-box. About only granting access for myself: this computer will become headless. I needed remote access to manage its files. As I'm the only one running Linux in the apartment, I thought I'd be the only one able to mount NFS. My plan is to set Samba shares for everyone else.
Quote:
If you do not have a dns server on your home LAN, then what you should do is set up /etc/hosts to identify all the hosts and their corresponding ip addresses in your LAN; then you can allow access in /etc/exports based on host names... however ip addresses work as well...
As far as I can tell, /etc/hosts will only work if the machines have static IPs. Did I understand it correctly?
Something I still don't get is why I was able to browse through /home/ftp, for example, from my netbook when I didn't grant access to it in the other files.
As far as I can tell, /etc/hosts will only work if the machines have static IPs. Did I understand it correctly?
Absolutely correct. I have statics assigned in my LAN, but that won't apply in your case...
So your desktop, running headless, will be a NFS server for your netbook, and a Samba share server, for your roommates...
I abandoned windows so long ago, that I will be useless for helping with SAMBA...
However, now I understand that when you wrote "my_ip_address" you were referring to the address of your netbook and not of your desktop/server... I had misunderstood the first time, and thought you were putting in the desktop/server's ip_address there...
So, now I see... why can you browse /home/ftp when it is not specified in your exports file...
What happens if, from your netbook, you try
Code:
showmount -e nfs_servers_ip_address
?
I have xfce wm, so am not very familiar with Dolphin, but when I mount my nfs share, For temporary mounts (like at friends NFS server) I use mount command:
Code:
mount -t nfs nfs_servers_ip:/path_to_share /local_mount_point
And for permanent mounts (like at home, or office), I set up mount in fstab.
Just a quick update: I accidentally dropped beer on my netbook's keyboard so I left it off for a week to avoid short circuits and I didn't have any way to test any of the suggestions (no clients available). I'll check them tonight and will report back during the weekend. Thanks everyone who's been helping me.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.