First, my thanks to everyone for bearing with me, as we figured out
just what it was I wanted to ask :-}
To recap: I wanted to export a filesystem to a large group of hosts,
all of whom should be recognised as root-equivalent, and also to one
more host, whose root should not be recognised.
Solution: there isn't one, exactly. The closest I can get is to
limit the number of hosts whose root is recognised. (The -root=
option will accept a (short) list of hostnames, but not a netgroup,
unlike the -access= option. Many of you agree with me that this is
Really Icky -- are you listening, Sun?)
For those of you who have source, Roy Marantz <marantz@cs.rutgers.edu>
uses a hacked exportfs (and kernel?) which recognises multiple entries
in /etc/exports for the same filesystem. (BTW, some of you noted that
the man page doesn't actually say you can't have multiple entries, and
you're right. When I went ahead and tried it, I found that the last
entry simply replaces any previous entries--no surprise there.)
There was almost unanimous agreement that the -anon=0 option should be
avoided, as doing away with what little security there is in NFS exports.
Many thanks to:
"Anthony A. Datri" <datri@concave.convex.COM>
"J. Matt Landrum" <mdl@cypress.COM>
Bob Cunningham <bob@kahala.soest.hawaii.EDU>
Brent Alan Wiese <brent@curie.ssctr.bcm.tmc.EDU>
Dana Roode <DRoode@uci.EDU>
David Mostardi <david@msri.ORG>
Eckhard Rueggeberg <erueg@cfgauss.uni-math.gwdg.de>
Frank Kuiper <frankk@cwi.nl>
Gary Richardson <gpr@proteon.COM>
Jeff Nieusma <nieusma@cs.colorado.EDU>
Michael Helm <mike@inti.lbl.GOV>
Mike Raffety <miker@sbcoc.COM>
Paul Henninger <pbh@cfsmo.honeywell.COM>
Russ Poffenberger <poffen@sj.ate.slb.COM>
Scott Ellis <scott@assistant.beckman.uiuc.EDU>
William LeFebvre <phil@pex.eecs.nwu.EDU>
brian hawley <hawley@ucrmath.ucr.EDU>
dmorse@sun-valley.stanford.EDU
marantz@cs.rutgers.EDU
mark galbraith <deltam!dm!mark@uunet.UU.NET>
--------
David Harnick-Shapiro Support Group, Department of david@ics.uci.edu
Information and Computer Science ucbvax!ucivax!david
University of California, Irvine
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:16 CDT