Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

Wed, 28 Nov 2018 13:50:49 -0800 

So long as the shares are available to your provisioning network, it should not 
break anything.

Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872

From: Kevin Keane <kke...@sandiego.edu>
Sent: Wednesday, November 28, 2018 16:37
To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>
Subject: [External] [xcat-user] How to restrict xCAT's NFS shares?

I noticed that xCAT shares /tftpboot and /install as world-writeable. Is there 
a way to restrict these NFS shares to only the networks within the cluster, 
without making them globally available?

Specifically, xCAT creates this /etc/exports file:

/tftpboot *(rw,no_root_squash,sync,no_subtree_check)
/install *(rw,no_root_squash,sync,no_subtree_check)

I would like it to instead create this:

/tftpboot 
192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)<http://192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)>
/tftpboot 
192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)<http://192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)>
/install 
192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)<http://192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)>
/install 
192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)<http://192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)>

(where 192.168.10.0 and 192.168.11.0 are two networks defined in the network 
table)

Is that doable?

Thanks!

_______________________________________________________________________
Kevin Keane | Systems Architect | University of San Diego ITS | 
kke...@sandiego.edu<mailto:kke...@sandiego.edu>
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
password.
These messages are an attempt to steal your username and password. Please do 
not reply to, click the links within, or open the attachments of these 
messages. Delete them!



_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user






















					Reply via email to