NFS:root option

Hi All

I am trying to understand what the purpose of using the root access restriction option is while exporting an NFS share.

As per If you specify a host with the root option, the root user on that host keeps the root UID (0) when accessing the resource.

Doesn't the root user have the UID 0?



Re: NFS:root option

  • By default, the anon option specifies a UID of 65534. That is, if you do not use the root and anon options for a resource, root users on all hosts access the resource using the UID 65534.
  • If the anon option specifies a UID of 65535, root access is disabled.
  • If the anon option specifies a UID of 0, root access is granted to all hosts.
  • If a name is provided instead of a UID, that name is looked up  according to the order specified in the /etc/nsswitch.conf file to  determine the corresponding UID to be assigned by the anon option.

Clarifies it. Is there anything else that I am missing to understand?

Re: NFS:root option

The root option gives the root user on an NFS client full privileges on the export. Otherwise, the root user, as you said effectively gets mapped to a UID corresponding to "nobody", a user that has no special privileges.

You may use it if you want to prevent someone who has root access on a client system from making changes on the filesystem. To be honest, it is not widely used these days.