Mailinglist Archive: opensuse (1445 mails)

< Previous Next >
Re: [opensuse] NFS security [Was: SAMBA.]
On 16/03/12 12:24, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2012-03-16 08:11, lynn wrote:
On 16/03/12 02:18, James Knott wrote:

I thought NFS access was via user ID. The drawback of this is different
users could have the same ID on different computers. For example, I
could be user 1000 on my computer and you would be 1000 on yours. An NFS
file server sharing for ID 1000 couldn't tell the difference between me
& you.

But surely, no decent admin would allow her network to have id collision.
e.g. Yast always chooses a unique uid be it /etc/passwd or ldap.

I don't see why, unless it was your initial intention. Yast chooses the
same ID, 1000, for different users on different computers. Only if you are
doing an organization and have that idea in mind, you are careful.

I don't think we're talking the same language here. On a network, user ID, be it uid/gid or m$ SID _has_ to be done centrally. You could not have more than one master server for the purpose of user and group management. If you did, it would be a race.


And... does YaST setup that automatically? It does setup ldap automatically
on SLES, but I doubt it does it in openSUSE.


Yes. There are Yast modules for both Server and Client. You can point and click your way to a LDAP server just as you can with sles. There is even a nice graphical front end called LDAP Browser all without leaving Yast. Ideal for looking up names, addresses, telephone numbers and, if you must, uid's!

L x
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups