[discuss] Re: getcwd on a nfs mounted home directory subdir

Mon, 25 Mar 2013 06:06:50 -0700 

Le 25/03/13 13:51, Marcel Telka a écrit :

On Sun, Mar 24, 2013 at 09:51:12AM +0100, Richard PALO wrote:

richard@x3200:~$ zfs get sharenfs dpool/export/home
NAME               PROPERTY  VALUE                                       SOURCE
dpool/export/home  sharenfs  nosuid,[email protected]/24,[email protected]/24  
local


that seemed to allow the operation to complete as well,
and I guess in an NFS environment necessary for networked root access.

I did notice another anomalie, though...
I set nosuid above (apparently equivalent to nosetuid and
nodevices), but I see the following on the client, after a what is
always a REAL LONG (minute or two) INITIAL LOGIN.

richard@omni1:~$ mount

...

/home/richard on x3200:/dpool/export/home/richard 
remote/read/write/setuid/devices/xattr/dev=8600001 on dim. mars 24 09:26:08 2013


the client seems to ignore nosuid=true


nosuid option in a share and in mount are not the same things. Please read
share_nfs(1M) and mount(1M).


Maybe I missing something... I thought nosuid == nosetuid + nodevices

From man mount_nfs (apparently also believes so)

            suid | nosuid

                 Allow or disallow setuid  or  setgid  execution.
                 The  default is suid. This option also allows or
                 disallows  opening  any  device-special  entries
                 that appear within the filesystem.

                 nosuid is equivalent to nosetuid and  nodevices.
                 When  suid  or nosuid is combined with setuid or
                 nosetuid and devices or nodevices, the most res-
                 trictive options take effect.

                 This option is highly recommended  whenever  the
                 file   system  is  shared  using  NFS  with  the
                 root=option, because, without  it,  NFS  clients
                 could  add  setuid  programs  to  the server, or
                 create devices that could open security holes.



Are you saying the the fact I specify nosuid on the server side in the 
sharenfs options, that the client flagrantly ignores this? (in the 
auto_home mount)


Sorry in advance for the density wrt NFS...


-------------------------------------------
illumos-discuss
Archives: https://www.listbox.com/member/archive/182180/=now
RSS Feed: https://www.listbox.com/member/archive/rss/182180/21175430-2e6923be
Modify Your Subscription: 
https://www.listbox.com/member/?member_id=21175430&id_secret=21175430-6a77cda4
Powered by Listbox: http://www.listbox.com























					Reply via email to