How to restrict NFS share access to particular server ? (419 Views)
Reply
Advisor
arunaphcl
Posts: 20
Registered: ‎01-28-2013
Message 1 of 8 (419 Views)

How to restrict NFS share access to particular server ?

[ Edited ]

 How to restrict NFS share access to particular server ?

 

P.S. This thread has been moved from Disk to  HP-UX > networking. -HP Forum Moderator

HP Pro
Dave Olker
Posts: 1,432
Registered: ‎10-10-2002
Message 2 of 8 (417 Views)

Re: How to restrict NFS share access to particular server ?

# man share_nfs

 

 

Advisor
arunaphcl
Posts: 20
Registered: ‎01-28-2013
Message 3 of 8 (414 Views)

Re: How to restrict NFS share access to particular server ?

I tried that too but I culdn't find an option to restrict nfs share for a paticular server.

HP Pro
Dave Olker
Posts: 1,432
Registered: ‎10-10-2002
Message 4 of 8 (410 Views)

Re: How to restrict NFS share access to particular server ?

rw=client[:client] ...
Share the pathname read-mostly if sec= option is not
provided. Read-mostly means read-write to those
clients specified and read-only for all other
systems. If a sec= option is provided, pathname is
shared read/write only to the listed clients. No
other systems can access pathname.
Honored Contributor
Patrick Wallek
Posts: 13,776
Registered: ‎06-21-2000
Message 5 of 8 (408 Views)

Re: How to restrict NFS share access to particular server ?

What version of HP-UX?

 

If 11.23 or older, then you use the 'access' keyword in the /etc/exports file.

 

If 11.31 it looks like you should use a combination of the 'sec' keyword and 'ro' or 'rw' access for specific hosts in the /etc/dfs/dfstab.

Advisor
arunaphcl
Posts: 20
Registered: ‎01-28-2013
Message 6 of 8 (397 Views)

Re: How to restrict NFS share access to particular server ?

Its 11.31.

 

could you please share an example;

Acclaimed Contributor
Dennis Handly
Posts: 25,184
Registered: ‎03-06-2006
Message 7 of 8 (360 Views)

Re: How to restrict NFS share access to particular server?

>could you please share an example

 

share -F nfs  -o ro=access_list,rw=access_list,sec=mode[:mode] pathname

For a particular server:

share -F nfs  -o rw=server-FQDN pathname

Honored Contributor
Patrick Wallek
Posts: 13,776
Registered: ‎06-21-2000
Message 8 of 8 (352 Views)

Re: How to restrict NFS share access to particular server?

Here's an example from one of my servers.

 

I'm allowing the share to a server called atl1 only.  I am allowing read/write access and allowing root access as well.

 

# cat /etc/dfs/dfstab

# place share(1M) commands here for automatic execution
# on entering init state 3.
#
# share [-F fstype] [ -o options] [-d "<text>"] <pathname>
# .e.g,
# share -F nfs -o rw=engineering -d "home dirs" /home
share -F nfs -o sec=sys,rw=atl1,root=atl1 /var/tmp/pw

 

From ATL1:

 

# mount ignite:/var/tmp/pw /mnt
atl1-11.23 root / # cd /mnt
atl1-11.23 root /mnt # ll
total 16
drwxr-xr-x 2 root sys 96 Feb 27 10:08 .
drwxr-xr-x 27 root root 8192 Oct 24 12:39 ..
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile1
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile2
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile3
atl1-11.23 root /mnt # rm afile3
afile3: ? (y/n) y
atl1-11.23 root /mnt # ll
total 16
drwxr-xr-x 2 root sys 96 Feb 27 10:11 .
drwxr-xr-x 27 root root 8192 Oct 24 12:39 ..
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile1
-rw-r--r-- 1 root sys 0 Feb 27 10:08 afile2

 

From another server:

 

atl6-11.31 root /root # mount ignite:/var/tmp/pw /mnt15
nfs mount: ignite:/var/tmp/pw: Permission denied

 

Here's a link to the "NFS Services Administrator's Guide HP-UX 11iv3"

http://h20566.www2.hp.com/portal/site/hpsc/template.BINARYPORTLET/public/kb/docDisplay/resource.proc...

 

 

Hopefully this helps.

 

 

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.