Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
The reasons for mapping root to nobody aren't particularly relevant to the question of how to work around the behavior. On Tue, Apr 8, 2008 at 2:36 PM, Daniel Feenberg <[hidden email]> wrote: > > > On Tue, 8 Apr 2008, John Abreau wrote: > > > > By default, NFS remaps root to the user "nobody" in order to minimize > > security issues. The simplest workaround is to not try to write data > > > > Isn't it less of a security issue than a way to avoid catastrophic massive > accidental deletions? After all, if the root user wants to delete a file on > an nfs-mounted volume, all he needs to do is "su" to the owner's userid and > delete it. That isn't much of an obstacle to an intruder. Or am I missing > something? > > > > > > > > > > as root to the NFS volume. > > > > If you're willing to risk the exposure that allowing write permission to > root, > > then you can set an option in the NFS server's /etc/exports to allow it; > > the opetion is "no_root_squash". The syntax is as follows: > > > > /path/to/volume *(rw,no_root_squash) > > > > > > On Tue, Apr 8, 2008 at 10:53 AM, Scott R. Ehrlich <[hidden email]> wrote: > > > > > This might be an obvious question, but I need to ask since I'm facing an > > > obstacle. > > > > > > I have an isolated network running NIS/NFS utilizing CentOS 5 and RHEL > 5. > > > > > > If I try to compile or write data as sudo or outright as root to an > > > NFS-mounted directory (say I cd to someone else's NFS-mounted directory > to > > > try and compile code in their directory), I get permission denied during > the > > > write attemps. > > > > > > Copy their stuff to /tmp or any other local filesystem, and writing is > just > > > fine. > > > > > > How do I resolve this? > > > > > > Thanks. > > > > > > Scott > > > > > > -- > > > This message has been scanned for viruses and > > > dangerous content by MailScanner, and is > > > believed to be clean. > > > > > > _______________________________________________ > > > Discuss mailing list > > > [hidden email] > > > http://lists.blu.org/mailman/listinfo/discuss > > > > > > > > > > > > > > -- > > John Abreau / Executive Director, Boston Linux & Unix > > GnuPG KeyID: 0xD5C7B5D9 / Email: [hidden email] > > GnuPG FP: 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99 > > > > -- > > > > This message has been scanned for viruses and > > dangerous content by MailScanner, and is > > believed to be clean. > > > > _______________________________________________ > > Discuss mailing list > > [hidden email] > > http://lists.blu.org/mailman/listinfo/discuss > > > > >
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |