NFS4 and host restrictions

NFS4 and host restrictions

[Damian Pietras]

Hi,

I'm trying to work out how to restrict access to NFS4 directories by
client IP.

What I want to achive is something like that:

/nfs4 - virtual root
/nfs4/host1dir
/nfs4/host2dir

I want to restrict access for /nfs4/host1dir to host1 only and for
/nfs4/host2dir to host2.

I've tried few configurations in /etc/exportfs and nothing works, for example:

/nfs4 *(rw,sync,fsid=0)
/nfs4/host1dir host1(rw,sync)
/nfs4/host2dir host2(rw,sync)

This allows anyone to mount /nfs4/host1dir and /nfs4/host2dir

And this:
/nfs4 i127.0.0.1(rw,sync,fsid=0)
/nfs4/host1dir host1(rw,sync)
/nfs4/host2dir host2(rw,sync)

nobody is allowed to mount anything.

I can't figure it out and I couldn't find any information how it's
supposed to work. Can you help me?

I'm using nfs-utils 1.0.7.

-- 
Damian Pietras


_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

Re: NFS4 and host restrictions

[J. Bruce Fields]

On Mon, Jun 05, 2006 at 11:23:21AM +0200, Damian Pietras wrote:
> /nfs4 *(rw,sync,fsid=0)
> /nfs4/host1dir host1(rw,sync)
> /nfs4/host2dir host2(rw,sync)
> 
> This allows anyone to mount /nfs4/host1dir and /nfs4/host2dir

It'll let anyone mount those paths, but it shouldn't actually let you
see the contents of any filesystems mounted at those paths.

--b.


_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs