Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 10-08-2009, 01:09 AM   #1
LQ Newbie
Registered: May 2007
Posts: 9

Rep: Reputation: 0
NFS export - giving a computer access to root-owned files?

Yes, I know this is not a good practice, and this is only a short-term solution.

I have a server with a web-file-server daemon running internally as root, so the permissions for all files it transfers/creates have a uid/gid of 0:0.

This is fine for the daemon, but I would like to manage those files from another workstation - actually a few workstations on a very limited LAN subnet - through NFS. How would it be possible to have users from a certain subnet mount NFS with root read/write abilities?

I have seen the anonuid/anongid options (for the /etc/exports file), but I'm not so sure this is the right way to go.
Old 10-08-2009, 02:58 AM   #2
Registered: Sep 2009
Distribution: Fedora, Red Hat
Posts: 52

Rep: Reputation: 18

I think what you want to do is something like:

/etc/exports (Webserver)
/myapplication     x.x.x.x(rw,no_root_squash)
And if you want to give the usrs on the other server the permissions to mount that filesystem, I would use sudo.
Old 10-08-2009, 04:36 AM   #3
LQ Newbie
Registered: May 2007
Posts: 9

Original Poster
Rep: Reputation: 0

Thanks for your reply - what you're showing is a rather normal NFS export, but I'd rather that the client machines mount directories without having to sudo - only I know the password.
Old 10-08-2009, 09:08 PM   #4
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,411

Rep: Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397
root_squash or no_root_squash, the files are still owned by root.
I think what you need (if you don't want the clients to use sudo to become root) is to open up the 'other'/3rd set of file perms eg



Old 10-09-2009, 02:21 AM   #5
Registered: Sep 2009
Distribution: Fedora, Red Hat
Posts: 52

Rep: Reputation: 18
ok, i think i still dont understand what you want to do ;-)

I understand now the following:

- user should be able to mount the nfs exports without sudo or switching to root first. --> can be done with autofs

- files owned by root on the remote server should be readable and writable by "normal" users from via the mounted filesystem? --> hmm... you could use samba and then use the "force user = root" option.

force user (S)
This specifies a UNIX user name that will be assigned as the default user for all users connecting to this
service. This is useful for sharing files. You should also use it carefully as using it incorrectly can cause
security problems.

This user name only gets used once a connection is established. Thus clients still need to connect as a valid
user and supply a valid password. Once connected, all file operations will be performed as the "forced user",
no matter what username the client connected as. This can be very useful.

In Samba 2.0.5 and above this parameter also causes the primary group of the forced user to be used as the
primary group for all file activity. Prior to 2.0.5 the primary group was left as the primary group of the
connecting user (this was a bug).
Old 11-07-2009, 10:24 AM   #6
Senior Member
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 234Reputation: 234Reputation: 234
Warning: I don't use NFS, so I don't know what complications it might add to the following suggestion:

Change the group ownership of the files, & add the authorized uses to the new ownership group.


export, mount, nfs, permissions, root

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Editing files owned by root SiW Programming 5 07-31-2007 02:36 PM
assign user to access root owned files eyt Linux - General 1 07-27-2007 04:28 PM
user access to files owned by root jonfa Linux - General 2 07-09-2007 12:58 PM
all users have access to root owned files sakatola Linux - Security 2 07-22-2005 01:45 AM
vfat mount - all files are 'root' owned, but even root can't -WX d33pdream Linux - General 5 02-28-2003 03:38 AM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:50 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration