Why does nfsroot result in nonzero root user euid?
Stuart Hughes
seh@zee2.com
Wed Sep 29 09:02:00 GMT 2004
Hi David,
On the target you are root, but not when you run stuff of the nfs
mounted root.
Try adding 'no_root_squash' and remove 'all_squash'. My entries look
like:
/my_exported_dir *(rw,no_root_squash)
Bear in mind this allows any host to do anything on your nfs server
machine. Depending on what's on your nfs server, you may view this as a
big security hole. You could change the '*' to restrict access to only
certain hosts.
Regards, Stuart
David Wuertele wrote:
>
> OK, this bonehead question is off-topic, but I figure everyone here
> has the understanding of libc and nfsroots that I lack:
>
> When I run my target system mounting / off of an NFS export, I see
> this:
>
> # whoami
> root
> # echo $UID
> 0
> # echo $EUID
> 0
> # strace -e trace=geteuid mount -n --bind /tmp/dir1 /tmp/dir2
> geteuid() = 500
> mount: must be superuser to use mount
>
> 500 happens to be the user id of the file owner on the NFS server.
> The NFS server /etc/exports file says:
>
> /nfsroot *(rw,all_squash,anonuid=500,anongid=501)
>
> But just because the server uses these user ids, I still don't see why
> the client has to know anything about them.
>
> If there's a better place to ask this, please let me know.
> Thanks!
>
> ------
> Want more information? See the CrossGCC FAQ, http://www.objsw.com/CrossGCC/
> Want to unsubscribe? Send a note to crossgcc-unsubscribe@sources.redhat.com
------
Want more information? See the CrossGCC FAQ, http://www.objsw.com/CrossGCC/
Want to unsubscribe? Send a note to crossgcc-unsubscribe@sources.redhat.com
More information about the crossgcc
mailing list