NFS question

Martin Siegert siegert at sfu.ca
Fri Jul 13 09:02:18 PDT 2001


On Fri, Jul 13, 2001 at 07:19:54AM -0500, Christoph Wasshuber wrote:
> I have a fundamental NFS question. Assume
> that we have three computers, X, HEAD, NODE1.
> 
> 	X ----- HEAD ----- NODE1
> 
>       /vol      /mnt/v1    /mnt/v2
> 
> X     is some computer on a larger network
> HEAD  is also member of this larger network and
>       knows about X and NODE1
> NODE1 is one of my beowulf nodes and does not
>       know anything about the larger network.
> 
> NODE1 does not know anything about X and X likewise
> does not know anything about NODE1. The HEAD knows
> both X and NODE1.
> 
> Assume further that X exported his /vol directory
> and HEAD has mounted it on /mnt/v1. Everything is
> fine and working well. HEAD can access X:/vol by
> looking into /mnt/v1
> 
> Now my question:
> Can NODE1 mount HEAD:/mnt/v1 so that NODE1 can
> access X:/vol by looking into his /mnt/v2?
> 
> In other words can one mount a mounted directory?

No you can't. Otherwise it would we trivial to circumvent all access
restrictions (as specified in /etc/exports on node X).

NFS isn't very secure, but it is not that insecure.

Martin

========================================================================
Martin Siegert
Academic Computing Services                        phone: (604) 291-4691
Simon Fraser University                            fax:   (604) 291-4242
Burnaby, British Columbia                          email: siegert at sfu.ca
Canada  V5A 1S6
========================================================================




More information about the Beowulf mailing list