[SGVLUG] NFS question

Claude Felizardo cafelizardo at gmail.com
Tue May 2 14:56:35 PDT 2006


On 5/2/06, John E. Kreznar <jek at ininx.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> "Claude Felizardo" <cafelizardo at gmail.com> writes:
>
> > I really don't want to have to change the userid on my Linux box
> > because then all my backups won't match.  Short of creating another
> > user on my local box with a userid of my Solaris account is anyone
> > aware of any program that will allow me to remap userid's?
>
> When I construct a new /etc/passwd and /home directory on a new
> system, I routinely re-create there all existing users on other
> systems with which NFS mounts might someday occur.  The userids match,
> so the problem whereof you speak is avoided.

Yes, if I had known that I might get access, I would have made sure to
match userid's.   As it is, I'm still surprised they gave me access
since with root access on my machine, i can now conceivably become any
of 1000+ users on the cluster and access their files though presumably
I've only been granted to access to one of the file servers which
would limit my access to only those working on the same project.  
Don't really want to go snooping around.


> However, the exports(5) man page has a section "User ID Mapping" which
> addresses exactly the question you're asking.  As I recall, it's a bit
> of a mess, which is why I avoid it.

NFS 'exports' is for configuring the server of which I have no
control.  I'm coming in as a client.   The root_squash controls access
by userid=0 and while the anonuid/gid might work for just my home
directory from my Linux box, I really want access to all the other
shares that I normally have access to from the other Solaris boxes.  
Once they made an exception for me, anyone else with a Mac or Linux
box would want the same and having to maintain that kind of access
list would be a lot of work for our SAs.

Editing my /etc/passwd,group,shadow,etc and doing a massive find -exec
chown is becoming to look more attractive if it weren't for the
backups.

claude


More information about the SGVLUG mailing list