2 Replies Latest reply: Mar 16, 2011 7:14 AM by rmharwood RSS

NFS:root option

ashutosh83 Novice
Currently Being Moderated

Hi All

 

I am trying to understand what the purpose of using the root access restriction option is while exporting an NFS share.

 

As per http://now.netapp.com/NOW/knowledge/docs/ontap/rel701r1_gf/html/ontap/filesag/2nfs3.htm If you specify a host with the root option, the root user on that host keeps the root UID (0) when accessing the resource.

Doesn't the root user have the UID 0?

 

Regards

Ashutosh

  • Re: NFS:root option
    ashutosh83 Novice
    Currently Being Moderated
    • By default, the anon option specifies a UID of 65534. That is, if you do not use the root and anon options for a resource, root users on all hosts access the resource using the UID 65534.
    • If the anon option specifies a UID of 65535, root access is disabled.
    • If the anon option specifies a UID of 0, root access is granted to all hosts.
    • If a name is provided instead of a UID, that name is looked up  according to the order specified in the /etc/nsswitch.conf file to  determine the corresponding UID to be assigned by the anon option.

     

    Clarifies it. Is there anything else that I am missing to understand?

    • Re: NFS:root option
      rmharwood Cyclist
      Currently Being Moderated

      The root option gives the root user on an NFS client full privileges on the export. Otherwise, the root user, as you said effectively gets mapped to a UID corresponding to "nobody", a user that has no special privileges.

       

      You may use it if you want to prevent someone who has root access on a client system from making changes on the filesystem. To be honest, it is not widely used these days.

       

      Richard

More Like This

  • Retrieving data ...

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points