Re: Why does nfsroot result in nonzero root user euid?

[Stuart Hughes <seh at zee2 dot com>]

Hi David,

On the target you are root, but not when you run stuff of the nfs
mounted root.

Try adding 'no_root_squash' and remove 'all_squash'.  My entries look
like:

/my_exported_dir *(rw,no_root_squash)


Bear in mind this allows any host to do anything on your nfs server
machine.  Depending on what's on your nfs server, you may view this as a
big security hole.  You could change the '*' to restrict access to only
certain hosts.

Regards, Stuart


David Wuertele wrote:
> 
> OK, this bonehead question is off-topic, but I figure everyone here
> has the understanding of libc and nfsroots that I lack:
> 
> When I run my target system mounting / off of an NFS export, I see
> this:
> 
>   # whoami
>   root
>   # echo $UID
>   0
>   # echo $EUID
>   0
>   # strace -e trace=geteuid mount -n --bind /tmp/dir1 /tmp/dir2
>   geteuid()                               = 500
>   mount: must be superuser to use mount
> 
> 500 happens to be the user id of the file owner on the NFS server.
> The NFS server /etc/exports file says:
> 
>   /nfsroot *(rw,all_squash,anonuid=500,anongid=501)
> 
> But just because the server uses these user ids, I still don't see why
> the client has to know anything about them.
> 
> If there's a better place to ask this, please let me know.
> Thanks!
> 
> ------
> Want more information?  See the CrossGCC FAQ, http://www.objsw.com/CrossGCC/
> Want to unsubscribe? Send a note to crossgcc-unsubscribe@sources.redhat.com

------
Want more information?  See the CrossGCC FAQ, http://www.objsw.com/CrossGCC/
Want to unsubscribe? Send a note to crossgcc-unsubscribe@sources.redhat.com