Limiting User Permissions

NFS Permissions

rw and ro

  • rw: Allow read and write access

  • ro: Allow read-only access

squash

  • root_squash: Treat root users as anonymous.

  • no_root_squash: Allow root users to connect with elevated privileges.

  • all_squash: Treat all users as anonymous.

Using TCP Wrapper

TCP Wrapper gives you one consistent way to restrict access by filtering on IP address for any service, such as ssh, not only NFS. You have to know the service name; for NFS, rpcbind is what actually handles the connection.

  • rpcbind includes libwrap.so

  • Allows controlling TCP connections

  • TCP Wrapper Lists

/etc/hosts.allow

/etc/hosts.deny

  • Allow is applied first

  • Configuring

In /etc/hosts.allow

rpcbind: 10.0.222.*

In /etc/hosts.deny

rpcbind: ALL
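
The access decision these two files produce, as an added example that is not part of the original notes: a Python model of a subset of the hosts_access matching rules (ALL, trailing-dot prefixes, net/mask, and `*` / `?` wildcards). The function names, the inline file contents and the sample client addresses are constructed for illustration.

```python
import fnmatch
import ipaddress

# Constructed copies of the two files as configured on this page.
HOSTS_ALLOW = "rpcbind: 10.0.222.*\n"
HOSTS_DENY = "rpcbind: ALL\n"


def parse_rules(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":", 2)[:2]  # ignore optional third field
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules


def client_matches(pattern, ip):
    """Match one client pattern against a dotted IPv4 address (subset only)."""
    if pattern == "ALL":
        return True
    if "/" in pattern:                       # net/mask, e.g. 10.0.222.0/255.255.255.0
        return ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)
    if pattern.endswith("."):                # address prefix, e.g. "10.0.222."
        return ip.startswith(pattern)
    return fnmatch.fnmatchcase(ip, pattern)  # '*' and '?' wildcards, or exact address


def any_match(rules, daemon, ip):
    """True if any rule names this daemon (or ALL) and matches the client."""
    return any((daemon in daemons or "ALL" in daemons)
               and any(client_matches(c, ip) for c in clients)
               for daemons, clients in rules)


def decide(daemon, ip, allow_text=HOSTS_ALLOW, deny_text=HOSTS_DENY):
    """Return (granted, deciding_source): allow first, then deny, else grant."""
    if any_match(parse_rules(allow_text), daemon, ip):
        return True, "hosts.allow"
    if any_match(parse_rules(deny_text), daemon, ip):
        return False, "hosts.deny"
    return True, "default"                   # no rule in either file: access is granted


if __name__ == "__main__":
    for daemon, ip in [("rpcbind", "10.0.222.17"), ("rpcbind", "10.0.223.5"),
                       ("sshd", "192.0.2.9")]:   # constructed sample clients
        print(daemon, ip, decide(daemon, ip))
```

The sshd case is granted by default because the deny line names only rpcbind; a service with no matching entry in either file is not restricted by these rules.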
