Personal NFS?
Jonathan I. Kamens
jik at athena.mit.edu
Mon Apr 29 15:29:22 AEST 1991
(I've kept this in comp.unix.questions rather than following Eric's
Followup-To, because what I'm posting has little to do with the NFS protocol
directly.)
In article <12681 at uhccux.uhcc.Hawaii.Edu>, pilger at uhunix1.uhcc.Hawaii.Edu (Eric Pilger) writes:
|> In article <4034 at inews.intel.com> bhoughto at pima.intel.com (Blair P. Houghton) writes:
|> >Basically, RTFM mount(8) and umount(8). If your sysadmin has
|> >turned off your permission to invoke mount or umount, scream
|>
|> SunOS does not let anyone but root issue the mount or umount command.
Indeed. Blair apparently believes that general accessibility of mount() and
umount() is the rule. In fact, it is the exception, and my impression is that
only recently did *any* variant of Unix start allowing non-root users to do
mounts.
|> I suppose you could change these commands to be SUID, but I would only
|> want to do this on my own personal machine. IT WOULD NOT be a wise
|> thing to do generally. The safest path is to create a small program
|> that is hardwired to do specific mounts, and make it SUID. This
|> provides a little more control.
Project Athena solved this problem several years ago by writing a program
called "attach" (and a corresponding program called "detach") to do mounts and
unmounts for users. It's more then just what Eric proposes. It supports
several different filesystem types (UFS, NFS, RVD, AFS, and other special
types); allows filesystems to be referred to by symbolic names (indeed, all
user home directories are filesystems named after them, so the login program
just runs "attach jik" to make my home directory accessible on a workstation);
uses hesiod (another Project Athena thing) to look up filesystems or reads
them from a configuration file (or both); allows the installer to configure
whether or not users can do explicit attaches at all, and if so, what
directories they can mount in and what directories they can't; and some
other stuff.
Unfortunately, we've never released attach for redistribution, because much
of the NFS and UFS code was stolen from the BSD mount sources, which are not
freely redistributable. We don't have any programmers working on it
actively right now, so I don't know if/when the code is going to be freed of
restrictions and distributed.n
--
Jonathan Kamens USnail:
MIT Project Athena 11 Ashford Terrace
jik at Athena.MIT.EDU Allston, MA 02134
Office: 617-253-8085 Home: 617-782-0710
More information about the Comp.unix.questions
mailing list