Unsupported content

 

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Permission examples

The following code examples provide different levels of access to users and administrators.

ExampleDescription
* ro,rootdir=/pubs,user=guest
  • Allows customers access to software updates from servers.
    The asterisk means permissions apply to all clients unless there are other entries that define different permissions for specific hosts. 
  • Grants read-only access to all clients and maps all incoming connections so that users have "guest" privileges.
    The root directory for these users is set to /pubs.
* rw,nosuid,anon=-1Grants read/write access to all users but turns off the setting of setuid/setgid bits and denies unknown users access.
admin1,admin2 rw,user=Administrator

Maps incoming connections from machines called admin1 and admin2 to the local user called Administrator.
A configuration like this is typically necessary if you are deploying BLPackages to Windows machines
because you need Administrator privileges to deploy packages.

Notes:

  • On Windows, the user name entered is validated against a list of local users on the machine.
  • On Windows Domain Controllers, all users are domain users.
  • When using the exports file to set up user privilege mapping on Domain Controllers, map users to Administrator or to the administrator account for the domain.
host1,host2,host3 rw,rootdir=/reports,root=host1
host4,host5 ro,rootdir=/reports
Allows both read/write and read-only access for selected hosts, granting them root access from only one host and changing the root directory to /reports.
host1,host2,host3 rw,rootdir=/reports,root=host1
host4,host5 ro,rootdir=/reports
Allows both read/write and read-only access for selected hosts, granting them root access from only one host and changing the root directory to /reports.
* rw,allowed=sysadmin1:sysadmin2,user=root

Grants two users (sysadmin1 and sysadmin2 ) read/write permission for all servers, and also maps their user privileges to root.

Notes:

  • This configuration can be assigned when administrators (who typically work on Windows clients) need to manage remote UNIX servers. 
  • Because Windows machines have no inherent concept of root, a configuration entry such as this example
    is important if administrators working on Windows clients want to modify the configuration of UNIX servers.
  • This entry would be added to the exports file on every remote server being managed by the two administrators.
host1.foo.com rw,root=host1.foo.com
@host1.foo.com/26 ro

Defines exception hosts and values for subnets. To create different access (ro/rw) permissions for various hosts
within a subnet, you first define the exception hosts and then define the default value for the remaining subnet.

In this example, the host (host1.foo.com) has read/write privileges while everybody else in the subnet
(subnet mask 255.255.255.192) has read-only privileges.

@192.168.10.1/24 rw=@192.168.10.1/25,ro=@192.168.10.129/25

Splits an address range.

In this example, an address range of 192.168.10.1-255 is split up such that the range from 1-127 has
read/write privileges, while the range 128-255 has read-only privileges.

Was this page helpful? Yes No Submitting... Thank you

Comments