From owner-freebsd-questions Wed Feb 4 11:45:19 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA22661 for questions-outgoing; Wed, 4 Feb 1998 11:45:19 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from tyree.iii.co.uk (tyree.iii.co.uk [193.117.77.66]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA22367 for ; Wed, 4 Feb 1998 11:43:47 -0800 (PST) (envelope-from nik@iii.co.uk) From: nik@iii.co.uk Received: from carrig.strand.iii.co.uk (carrig.strand.iii.co.uk [192.168.7.25]) by tyree.iii.co.uk (8.8.8/8.8.8) with ESMTP id SAA20727; Wed, 4 Feb 1998 18:42:55 GMT Received: (from nik@localhost) by carrig.strand.iii.co.uk (8.8.7/8.8.7) id SAA03303; Wed, 4 Feb 1998 18:47:24 GMT Message-ID: <19980204184724.16018@iii.co.uk> Date: Wed, 4 Feb 1998 18:47:24 +0000 To: "A. Rich" Cc: Keith Jones , questions@FreeBSD.ORG Subject: Re: mountd -n is not allowing non-root mounts References: <199802041529.KAA22061@shell2.shore.net> <19980204161208.15968@blueberry.co.uk> <199802041616.LAA03368@shell2.shore.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.85e In-Reply-To: <199802041616.LAA03368@shell2.shore.net>; from A. Rich on Wed, Feb 04, 1998 at 11:16:32AM -0500 Organization: interactive investor Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG X-To-Unsubscribe: mail to majordomo@FreeBSD.org "unsubscribe questions" On Wed, Feb 04, 1998 at 11:16:32AM -0500, A. Rich wrote: > keith> I don't think you're supposed to be able to mount drives unless you're > keith> root. If you really need to, I guess you could write a suid wrapper > keith> for it. > > That's what the -n flag is for......mountd(8): > > -n The -n option allows non-root mount requests to be served. This > should only be specified if there are clients such as PC's, that > require it. It will automatically clear the vfs.nfs.nfs_privport > sysctl flag, which controls if the kernel will accept nfs re- > quests form reserved ports only. > > This specific case is a cluster of NCDs that need to mount their config > directories. It works under other operating systems (BSD and SysV), just not > this version of FreeBSD that I've tried. > > Based on the man page, I would say this is a bug. Ah, I think I understand your confusion. This is for NFS mounts, right? As a security measure, an NFS server will normally only allow mount requests that come from reserved port on the client. A reserve port is one with a port number < 1024. Some PCNFS implementations send their (legitimate) requests from a port that's > 1023, which is the wrong thing to do. The -n flag is a work around for the NFS *server* to let it allow these requests. It is not a mechanism to allow non-root users to mount local devices onto the filesystem. I've either just explained stuff you already know (in which case, sorry) or cleared up a point of confusion. Hope it's the latter. N -- --+==[ Nik Clayton is Just Another Perl Hacker at Interactive Investor ]==+-- . . . and relax