Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 07 Oct 2014 14:39:30 -0400
From:      Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
To:        Martin <greencoppermine@yandex.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Problems accessing a Linux NFS share as a normal user
Message-ID:  <44vbnvyba5.fsf@be-well.ilk.org>
In-Reply-To: <400341412703076@web23m.yandex.ru> (Martin's message of "Tue, 07 Oct 2014 19:31:16 %2B0200")
References:  <164141412651763@web23m.yandex.ru> <44sij0ypd3.fsf@be-well.ilk.org> <400341412703076@web23m.yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
Martin <greencoppermine@yandex.com> writes:

> 07.10.2014, 15:35, "Lowell Gilbert" <freebsd-questions-local@be-well.ilk.=
org>:
>> Martin <greencoppermine@yandex.com> writes:
>>> =A0However, I also need to mount this on a FreeBSD box as a normal user=
, not root.
>>
>> Is the export marked "insecure"?
>> You'll get different port numbers for root as opposed to a normal user.
>
> What does it mean "export marked as insecure"?

Quoting the exports(5) manual page from a convenient Linux machine:

EXAMPLE
       # sample /etc/exports file
       /               master(rw) trusty(rw,no_root_squash)
       /projects       proj*.local.domain(rw)
       /usr            *.local.domain(ro) @trusted(rw)
       /home/joe       pc001(rw,all_squash,anonuid=3D150,anongid=3D100)
       /pub            *(ro,insecure,all_squash)
       /srv/www        -sync,rw server @trusted @external(ro)
       /foo            2001:db8:9:e54::/64(rw) 192.0.2.0/24(rw)
       /build          buildhost[0-9].local.domain(rw)

       The first line exports the entire filesystem to machines master
       and trusty.  In addition to write access, all uid squashing is
       turned off for host trusty.  The second and third entry show
       examples for wildcard hostnames and netgroups (this is the entry
       `@trusted').  The fourth line shows the entry for the PC/NFS
       client discussed above. Line 5 exports the public FTP directory
       to every host in the world, executing all requests under the
       nobody account. The insecure option in this entry also allows
                           ^^^^^^^^^^^^^^^
       clients with NFS implementations that don't use a reserved port
       for NFS.  The sixth line exports a directory read-write to the
       machine 'server' as well as the `@trusted' netgroup, and
       read-only to netgroup `@external', all three mounts with the
       `sync' option enabled. The seventh line exports a directory to
       both an IPv6 and an IPv4 subnet. The eighth line demonstrates a
       character class wildcard match.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44vbnvyba5.fsf>