Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Permission examples

The following example allows customers access to software updates from servers. The asterisk means permissions apply to all clients unless there are other entries that define different permissions for specific hosts. This example grants read-only access to all clients and maps all incoming connections so that users have "guest" privileges. The root directory for these users is set to /pubs.

* ro,rootdir=/pubs,user=guest

The following example grants read/write access to all users but turns off the setting of setuid/setgid bits and denies unknown users access.

* rw,nosuid,anon=-1

The following example maps incoming connections from machines called admin1 and admin2 to the local user called Administrator. A configuration like this is typically necessary if you are deploying BLPackages to Windows machines because you need Administrator privileges to deploy packages.

admin1,admin2 rw,user=Administrator

Note

On Windows, the user name entered is validated against a list of local users on the machine. However, on Windows Domain Controllers, all users are domain users. When using the exports file to set up user privilege mapping on Domain Controllers, map users to Administrator or the administrator account for the domain.

The following example allows both read/write and read-only access for selected hosts, granting them root access from only one host and changing the root directory to /reports:

host1,host2,host3 rw,rootdir=/reports,root=host1
host4,host5 ro,rootdir=/reports

The following example is a configuration that could be assigned when administrators, who typically work on Windows clients, need to manage remote UNIX servers. It grants two users (sysadmin1 and sysadmin2 ) read/write permission for all servers, and it also maps their user privileges to root. This entry would be added to the exports file on every remote server being managed by the two administrators. Because Windows machines have no inherent concept of root, a configuration entry something like this example is important if administrators working on Windows clients want to modify the configuration of UNIX servers.

* rw,allowed=sysadmin1:sysadmin2,user=root

The following example demonstrates subnets. If you want to have different access (ro/rw) permissions for various hosts within a subnet, you should first define the exception hosts and then define the default value for the remaining subnet. In the example below the host host1.foo.com has read/write privileges while everybody else in the subnet (subnet mask 255.255.255.192) has read-only privileges.

host1.foo.com rw,root=host1.foo.com
@host1.foo.com/26 ro

The following is an example where an address range of 192.168.10.1-255 is split up so that the range from 1-127 has read/write privileges while the range 128-255 has read-only privileges.
@192.168.10.1/24 rw=@192.168.10.1/25,ro=@192.168.10.129/25

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*