NFS4 and host restrictions

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Damian Pietras <daper@daper.net>
To: nfs@lists.sourceforge.net
Subject: NFS4 and host restrictions
Date: Mon, 5 Jun 2006 11:23:21 +0200	[thread overview]
Message-ID: <20060605092321.GA25450@daper.net> (raw)

Hi,

I'm trying to work out how to restrict access to NFS4 directories by
client IP.

What I want to achive is something like that:

/nfs4 - virtual root
/nfs4/host1dir
/nfs4/host2dir

I want to restrict access for /nfs4/host1dir to host1 only and for
/nfs4/host2dir to host2.

I've tried few configurations in /etc/exportfs and nothing works, for example:

/nfs4 *(rw,sync,fsid=0)
/nfs4/host1dir host1(rw,sync)
/nfs4/host2dir host2(rw,sync)

This allows anyone to mount /nfs4/host1dir and /nfs4/host2dir

And this:
/nfs4 i127.0.0.1(rw,sync,fsid=0)
/nfs4/host1dir host1(rw,sync)
/nfs4/host2dir host2(rw,sync)

nobody is allowed to mount anything.

I can't figure it out and I couldn't find any information how it's
supposed to work. Can you help me?

I'm using nfs-utils 1.0.7.

-- 
Damian Pietras

_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

next             reply	other threads:[~2006-06-05  9:23 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-06-05  9:23 Damian Pietras [this message]
2006-06-05 17:09 ` NFS4 and host restrictions J. Bruce Fields

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20060605092321.GA25450@daper.net \
    --to=daper@daper.net \
    --cc=nfs@lists.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.