[linux] SOLVED VYRIESENE::Neither 'subtree_check' or 'no_subtree_check' specified for export "10.17.24.0/255.255.255.0:/opt/dir". Assuming default behaviour ('subtree_check').
Jan Kunder
jan.kunder na gmail.com
Úterý Září 19 21:05:02 CEST 2006
Ahoj.
(Pocas pisania som nasiel aj odpoved, ale zasielam linky - niekomu sa
moze zist SOLVED VYRIESENE)
OTAZKA::
Setting up nfs-kernel-server (1.0.10-1) ...
Stopping NFS kernel daemon: mountd nfsd.
Unexporting directories for NFS kernel daemon....
Exporting directories for NFS kernel daemon...exportfs: /etc/exports
[5]: Neither 'subtree_check' or 'no_subtree_check' specified for export
"10.17.24.0/255.255.255.0:/opt/dir".
Assuming default behaviour ('subtree_check').
NOTE: this default will change with nfs-utils version 1.1.0
.
Starting NFS kernel daemon: nfsd mountd.
====
ODPOVED::
http://www.linux-tutorial.info/modules.php?name=ManPage&sec=5&page=exports
http://wiki.debian.org/?SecuringNFS
==
no_subtree_check
This option disables subtree checking, which has
mild security implications, but can improve relia
bility is some circumstances.
If a subdirectory of a filesystem is exported, but
the whole filesystem isn't then whenever a NFS
request arrives, the server must check not only
that the accessed file is in the appropriate
filesystem (which is easy) but also that it is in
the exported tree (which is harder). This check is
called the subtree_check.
In order to perform this check, the server must
include some information about the location of the
file in the "filehandle" that is given to the
client. This can cause problems with accessing
files that are renamed while a client has them open
(though in many simple cases it will still work).
subtree checking is also used to make sure that
files inside directories to which only root has
access can only be accessed if the filesystem is
exported with no_root_squash (see below), even the
file itself allows more general access.
As a general guide, a home directory filesystem,
which is normally exported at the root and may see
lots of file renames, should be exported with sub
tree checking disabled. A filesystem which is
mostly readonly, and at least doesn't see many file
renames (e.g. /usr or /var) and for which subdirec
tories may be exported, should probably be exported
with subtree checks enabled.
The default of having subtree checks enabled, can
be explicitly requested with subtree_check
==
Very often, it is not desirable that the root user on a
client machine is also treated as root when accessing
files on the NFS server. To this end, uid 0 is normally
mapped to a different id: the so-called anonymous or
nobody uid. This mode of operation (called `root squash
ing') is the default, and can be turned off with
no_root_squash.
no_root_squash
Turn off root squashing. This option is mainly use
ful for diskless clients.
all_squash
Map all uids and gids to the anonymous user. Useful
for NFS-exported public FTP directories, news spool
directories, etc. The opposite option is
no_all_squash, which is the default setting.
anonuid and anongid
These options explicitly set the uid and gid of the
anonymous account. This option is primarily useful
for PC/NFS clients, where you might want all
requests appear to be from one user. As an example,
consider the export entry for /home/joe in the
example section below, which maps all requests to
uid 150 (which is supposedly that of user joe).
've a nice day!
JK
--
Ing. Jan Kunder
jan.kunder-HATESPAM-gmail.com
http://www.kunder.sk
JKjkjk rozpmnqestka
Další informace o konferenci linux