-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Neal Becker wrote:
> I'm wondering if I can use nfsv4 idmap so that I can share files between > systems > without syncing uids. > > Thing is, I don't want to have to learn kerberos, ldap, etc. > > Is it possible to use idmap functionality without any complicated setup? > One workaround that can be used not involving Kerberos, NIS, LDAP, etc is setting the hosts files. If you set up your hosts.allow with machines you want to access the server e.g: `portmap: 192.168.0.x , 192.168.0.xx` & your hosts.deny e.g: `portmap:ALL lockd:ALL mountd:ALL rquotad:ALL statd:ALL` you can then makes the shares world writable. If that's of major concern to you, you can add in hosts.deny: `ALL:ALL` but you may run into problems adding new services. Portmapper first visits hosts.allow & any entry it finds in there is allowed access. If it finds nothing corresponding in there, it then checks hosts.deny & follows the rules set there. So it will accept any entry you set in hosts.allow & then block all other access making it secure. Not the Red Hat way one suspects but down & dirty & it works. Not advisable for forward facing, production machines, etc, etc... Cheers, Phil... - -- currently (ab)using CentOS 6.2, Debian Squeeze, Fedora Beefy, OS X Snow Leopard, Ubuntu Precise -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: §auto-key-locate cert pka ldap hkp://keys.gnupg.net Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJQE7/yAAoJEKuJdOaOnmMJ4q4H/39h78FBYjGgPT0lNYW6YRfs e3AYiUjic2G4+QyJfSvdAyjDJXO3meWWtZL2MQ3qCCvsAK0ju5yQbVJAVdSkKcz1 yngMyhBrXg5o5/6hSJBg30fR2UIaBdaj5Q6t1t47auOzqhY0MrrgDC8R1YUE/IuN yfx/3pUnbg3LThSVZkEPYVDNx22BYfWeEb/VBF0dinTfm3FmMW+DiRZDQ9Hnx+gH bTkBKpOxt8CW+1S85k9Y1rCySbqCXiH4apecSF4fhPJGK78DaoTeXL/rHUGo87E2 uBFT1FAr2UKwdKlFOoezkiVGZrDaZe79zUU3ag5edHIkrCPTVY0TuUA8Rh8TVR8= =Z7wn -----END PGP SIGNATURE----- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
