[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [rhelv5-list] mount/automount/nfs weirdness in RHEL5



You are correct -- I misspoke about this issue -- the permissions as set on the server are unrelated to this issue (i.e. permissions set on the client).

Paul Krizak                         5900 E. Ben White Blvd. MS 625
Advanced Micro Devices              Austin, TX  78741
Linux/Unix Systems Engineering      Phone: (512) 602-8775
Silicon Design Division             Cell:  (512) 791-0686


Tom Sightler wrote:
On Fri, 2007-05-04 at 09:18 -0500, Paul Krizak wrote:
There is a subdirectory (site-lib) that we have explicitly exported (and properly locked down) that is read-write *as root* to the world. The reasons that this directory structure were necessary is beyond the scope of this e-mail.

So with RHEL3 and RHEL4, this worked great. You could have both /tool/site-config and /tool/site-lib mounted on a system and the correct permissions would be set.

But with RHEL5, if you mount /tool/site-lib *first*, then you get root read/write permissions to /tool/site-config! And vice-versa, if you mount /tool/site-config first, you *lose* root permissions on /tool/site-lib!

Are you sure about this?  If they are exported with permissions on the
server, then nothing the client can do should be able to override that,
RHEL5 and it's weird behavior or not.  Sure, I can mount a ro export as
rw on the client, but that doesn't mean it is rw, the server has to
enforce those permissions.

Now that doesn't mean that I think your points about this client
behavior aren't valid, but I just don't see what you're saying here.  If
you're somehow saying that a RHEL5 system can somehow override server
based restrictions then that is HUGE, but that would seem like it would
have to be a bug in the NFS server as it has to be the server which
enforces restrictions on exports.

Later,
Tom




_______________________________________________
rhelv5-list mailing list
rhelv5-list redhat com
https://www.redhat.com/mailman/listinfo/rhelv5-list




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]