Hi,

Recently we have this requirement of NFS mounting remote storage (NAS) share onto our RedHat Linux 4.0.

The share is already provided. So now we are able to mount this share with the mount command

mount -t nfs remote:/share /home/local

But we have this additional requirement as to only user account max and users from the group maxgroup
should have access to this mount.

So we have set the the owner and group permissions as max:maxgroup for the mount point /home/local

But the problem is when we mount the NFS share on /home/local , the permissions are like this ,

ls -l /home/local

drwxrwxrwx 3 root root 4096 Jun 19 03:19 /home/local

Please see , its 777 and also the owners are not max:maxgroup , they are root:root now.

Every other users on the system are able to acces this share. Can we not restrict this to specific user/group??
And what about 777 permissions?


Please help

NFS assumes a model that UIDs/GIDs are consistent across platforms. Therefore, you need proper permissions on remote files systems to control local access permissions. There is an exception made for UID 0, which allows mapping it to a non-privileged user.

Thanks for the reply. I agree that the settings need to be done on the NFS server side.
But this share will be mounted on this host by ROOT always.
Had we required to give access to specific users to mount this share then I know it can be set on NFS share. But once its mounted, can the access list be modified in such way that only specific users get access to this share after mount?

Post mount usermod 770 command or chown command does not work on the mount point.


Please suggest.

The mount point does not control permissions below that point in the directory tree. There are no inheritable permissions, short of ACLs (which are implementation dependent).

Once mounted, the existing remote file and directory permissions are in control. You can root_squash or all_squash, but that just maps UID 0, or all UIDs to the anonymous UID.