What am I not understanding about /etc/exports?
Giorgos Keramidas
keramida at ceid.upatras.gr
Fri Apr 6 22:57:48 UTC 2007
On 2007-04-06 15:26, David Benfell <benfell at parts-unknown.org> wrote:
>On Fri, 06 Apr 2007 22:08:50 +0300, Giorgos Keramidas wrote:
>>On 2007-04-06 11:36, David Benfell <benfell at parts-unknown.org> wrote:
>>> Hello all,
>>> My /etc/exports contains:
>>>
>>> / -alldirs -maproot=root 127.0.0.1
>>> #/usr/src -alldirs -maproot=root 127.0.0.1 192.168.19.1
>>> /usr -alldirs -maproot=root 127.0.0.1 192.168.19.1
>>> /public -alldirs -maproot=root 127.0.0.1 192.168.18.45 192.168.18.46 192.168.19.1
>>> /home -alldirs -maproot=root 127.0.0.1 192.168.18.45 192.168.18.46 192.168.19.1
>>> /cdrom -alldirs,quiet,ro 127.0.0.1 -network 192.168 -mask 255.255.0.0
>>>
>>> Yet:
>>> mountd[735]: mount request denied from 192.168.19.1 for /usr/ports/distfiles
>>
>> Do you have /etc/hosts.allow and /etc/hosts.deny files?
>
> I don't actually implement these, so they should essentially be from
> the default install. I do not have /etc/hosts.deny on either the
> server or the client. The first attachment is /etc/hosts.allow from
> the server.
The server's `hosts.allow' file needs a bit of configuration:
> # hosts.allow access control file for "tcp wrapped" applications.
> # $FreeBSD: src/etc/hosts.allow,v 1.19.8.1 2006/02/19 14:57:01 ume Exp $
[...]
> # Allow anything from localhost. Note that an IP address (not a host
> # name) *MUST* be specified for rpcbind(8).
> ALL : localhost 127.0.0.1 : allow
The 127.0.0.1 address above allows rpcbind (and other RPC-based
services) to work for localhost -> localhost connections.
> # Rpcbind is used for all RPC services; protect your NFS!
> # (IP addresses rather than hostnames *MUST* be used here)
> rpcbind : 192.0.2.32/255.255.255.224 : allow
> rpcbind : 192.0.2.96/255.255.255.224 : allow
> rpcbind : ALL : deny
These rules allow rpcbind to work for hosts in the IP ranges matching
the first two lines.
To allow NFS mounts to work correctly from hosts in the IP ranges
192.168.18.XXX, 192.168.19.XXX listed in your /etc/exports file, you
will have to extend the list of addressed permitted for 'rpcbind'.
More information about the freebsd-questions
mailing list