NFS mounts

[Grogan]

How's THIS for "recommended practice"

Code: Select all

/         192.168.0.2/32(rw,fsid=0,no_root_squash,nohide,no_subtree_check)
/storage  192.168.0.2/32(rw,no_root_squash,nohide,no_subtree_check)
/storage2 192.168.0.2/32(rw,no_root_squash,nohide,no_subtree_check)

I got sick and tired of copying stuff to the mounts (e.g. system configuration files etc.) with ssh first so I just made it so mounting the root fs would follow the mount points. It's only allowed from this PC, and it's just something I manually mount and unmount when I want to copy stuff from/to the other box. It won't even be powered on most of the time once I get fully settled.

In order for it to work, the mount points all have to be exported. I think the fsid=0 is necessary on the parent export for those filesystem mappings, the nohide will allow it to show contents of mounted filesystems without the client having to mount them explicitly, and the no_subtree_check eliminates some overhead.

The no_root_squash makes it so it allows root to access the filesystems as root. Otherwise, it's a "nobody" type permission on access and created files. The biggest consequence (and the point) is that you can't copy SUID files without no_root_squash, which doesn't suit my purposes.

Anyway, the point is that I can now just

Code: Select all

mount -t nfs hostname:/ /mnt/whatever

To gain access to the whole filesystem and copy files as root or my user appropriately.