Does anyone recall if the default behavior of an
NFS mounted directory is that you cannot browse
into sub-directories? For instance I have mounted the
/ filesystem on my client machine but am unable to see
anything below /
So if I try to cd to /home it will change directories but
then list no contents.
Assuming this is the default behavior, is the a way to set
up NFS such that I can browse the full filesystem? I have
some software for backing up a Linux filesystem via NFS, but
there is no way I’m going to be able to keep track of constantly
ensuring all of the directories are exported.
SAMBA and SSH isn’t an option…though it would be nice.
> Does anyone recall if the default behavior of an
> NFS mounted directory is that you cannot browse
> into sub-directories? For instance I have mounted the
> / filesystem on my client machine but am unable to see
> anything below /
>
> So if I try to cd to /home it will change directories but
> then list no contents.
>
> Assuming this is the default behavior, is the a way to set
> up NFS such that I can browse the full filesystem? I have
> some software for backing up a Linux filesystem via NFS, but
> there is no way I’m going to be able to keep track of constantly
> ensuring all of the directories are exported.
>
> SAMBA and SSH isn’t an option…though it would be nice.
>
> Thanks.
>
I would check into permissions and ownership of the subdirectories. you
would need NFS to connect you as ROOT to back up the entire system. NFS
doesn’t like to do that, as it’s a SERIOUS security hole. Not exactly sure,
but unless you specify otherwise, you connect as ‘nobody’ or ‘nfs’ (depending
on setup). Of course, those ‘users’ can’t access much.
Check the nfs share (/etc/exports) to determine which user is set up to be
the accessor.
I would recommend creating a ‘dummy’ user, adding this user to ALL of the
groups, and then setting up that user as the NFS accessor. You’ll still miss
any files with ‘—’ (0) as the group permissions (some logs, /etc/shadow and
so on).
Without some program helping on the linux server end, you will have
difficulty accessing ALL the files on the system due to permissions and user
rights.
> On Wed, 20 Aug 2008 22:44:01 GMT
> GofBorg <GofBorg@no-mx.forums.opensuse.org> wrote:
>
>> Does anyone recall if the default behavior of an
>> NFS mounted directory is that you cannot browse
>> into sub-directories? For instance I have mounted the
>> / filesystem on my client machine but am unable to see
>> anything below /
>>
>> So if I try to cd to /home it will change directories but
>> then list no contents.
>>
>> Assuming this is the default behavior, is the a way to set
>> up NFS such that I can browse the full filesystem? I have
>> some software for backing up a Linux filesystem via NFS, but
>> there is no way I’m going to be able to keep track of constantly
>> ensuring all of the directories are exported.
>>
>> SAMBA and SSH isn’t an option…though it would be nice.
>>
>> Thanks.
>>
>
> I would check into permissions and ownership of the subdirectories. you
> would need NFS to connect you as ROOT to back up the entire system. NFS
> doesn’t like to do that, as it’s a SERIOUS security hole. Not exactly
> sure, but unless you specify otherwise, you connect as ‘nobody’ or ‘nfs’
> (depending
> on setup). Of course, those ‘users’ can’t access much.
>
> Check the nfs share (/etc/exports) to determine which user is set up to be
> the accessor.
>
> I would recommend creating a ‘dummy’ user, adding this user to ALL of the
> groups, and then setting up that user as the NFS accessor. You’ll still
> miss any files with ‘—’ (0) as the group permissions (some logs,
> /etc/shadow and so on).
>
> Without some program helping on the linux server end, you will have
> difficulty accessing ALL the files on the system due to permissions and
> user rights.
>
> Loni
>
Yes. I do not like doing backups via NFS and yes it is a security issue.
I’m going to send the vendor a ‘no-confidence’ vote on their ‘*nix’
solution. The Windows side of things of course is very slick.
> Yes. I do not like doing backups via NFS and yes it is a security issue.
> I’m going to send the vendor a ‘no-confidence’ vote on their ‘*nix’
> solution. The Windows side of things of course is very slick.
Well, considering that windows permissions CANNOT lock out the administrator
user, while in *nix, even root can be locked out (type chmod 000 for some
fun!)
To backup almost any system, I’d always recommend just backing up the
configuration data, the user data, and anything installed that was
‘non-standard’. The rest can be recreated easily from the installation
media. No point using backup storage space to hold the ‘stock’ OS parts.
To back up a *nix system fully, you might as well image the partition. It’s
MUCH easier, and doesn’t have to deal with the nfs user permissions and
whatnot. Of course, you need a daemon or something on the *nix box to
support this, with all of the inherent security needed in place. There are
some smart partition imagers available which will not ‘image’ unused space
based on reading the filesystem block allocation tables. Quick, reliable,
and almost foolproof. (well, until Fool (v2.0) comes out)