FC5, Firefox, NFS /home
John Austin
ja at jaa.org.uk
Tue Jun 20 10:20:04 UTC 2006
On Tue, 2006-06-20 at 09:31 +0100, Keith G. Robertson-Turner wrote:
> Dan wrote:
>
> > I have an FC5 server which has exported /home via NFS. Client
> > machines automount /home.
>
> Using /home as a network share is inherently insecure, and for reasons
> you have just discovered, doesn't work very well.
Maybe, but the whole point must be to have all the users info
stored in one place.
>
> > Can multiple instances of firefox actually share a single profile?
> > Can anyone else confirm this behavour?
Yes I have had this problem, I think I left myself logged in
on my server with Firefox running and then logged in on my
laptop (which NFS mounts $HOME) and started firefox there as well. Then
ssh to server and kill -9 firefox_pid!!!
Not recommended.
I could have started with a separate profile. I think
firefox reaction has changed recently as it used to ask
if I wanted to create a new profile.
>
> Firefox, and many other programs, use a locking mechanism to determine
> if there is already another instance running, and (as you have
> discovered) will not launch another instance if there is:
>
> ~/.mozilla/firefox/<profile>/lock
>
> If you are sharing a $HOME directory among multiple machines or users,
> you will invariably run into gotchas like this, and with many other
> dotfiles too.
I haven't had too many problems with other apps, evolution used to
appear to have absolute path names included in the Contacts data base
but that problem seems to have disappeared.
>
> Best solution: create a share on its own filesystem, or at least away
> from $HOME, mount it, set the correct perms, set the required SELinux
> contexts (if applicable), re-export, and reconfigure NFS.
If I understand this correctly I can't see why this is a good move.
What do you do if you 800 users who can sit at any of 200 different
machines?
>
> IMHO FC5 desperately requires a simple tool (with GUI?) to simplify this
> process, including opening firewall ports, etc. system-config-nfs just
> doesn't even come close.
>
> --
> K.
>
John
More information about the fedora-list
mailing list