https://community.netapp.com/t5/Network-and-Storage-Protocols/NFS-root-option/m-p/37212#M3400 <HTML><HEAD></HEAD><BODY><P>The root option gives the root user on an NFS client full privileges on the export. Otherwise, the root user, as you said effectively gets mapped to a UID corresponding to "nobody", a user that has no special privileges.</P><P></P><P>You may use it if you want to prevent someone who has root access on a client system from making changes on the filesystem. To be honest, it is not widely used these days.</P><P></P><P>Richard</P></BODY></HTML> Wed, 16 Mar 2011 14:14:48 GMT rmharwood 2011-03-16T14:14:48Z https://community.netapp.com/t5/Network-and-Storage-Protocols/NFS-root-option/m-p/37203#M3396 <HTML><HEAD></HEAD><BODY><P>Hi All</P><P></P><P>I am trying to understand what the purpose of using the root access restriction option is while exporting an NFS share.</P><P></P><P><SPAN>As per </SPAN><A class="jive-link-external-small" href="http://now.netapp.com/NOW/knowledge/docs/ontap/rel701r1_gf/html/ontap/filesag/2nfs3.htm" target="_blank">http://now.netapp.com/NOW/knowledge/docs/ontap/rel701r1_gf/html/ontap/filesag/2nfs3.htm</A><SPAN> If you specify a host with the </SPAN><KBD>root</KBD> option, the root user on that host keeps the root UID (0) when accessing the resource.</P><P>Doesn't the root user have the UID 0?</P><P></P><P>Regards</P><P>Ashutosh</P></BODY></HTML> Thu, 05 Jun 2025 06:58:20 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/NFS-root-option/m-p/37203#M3396 ashutosh83 2025-06-05T06:58:20Z https://community.netapp.com/t5/Network-and-Storage-Protocols/NFS-root-option/m-p/37207#M3398 <HTML><HEAD></HEAD><BODY><UL><LI>By default, the <KBD>anon</KBD> option specifies a UID of 65534. That is, if you do not use the <KBD>root</KBD> and <KBD>anon</KBD> options for a resource, root users on all hosts access the resource using the UID 65534. <A name="1225021" target="_blank"> </A> </LI><LI>If the <KBD>anon</KBD> option specifies a UID of 65535, root access is disabled. <A name="1225022" target="_blank"> </A> </LI><LI>If the <KBD>anon</KBD> option specifies a UID of 0, root access is granted to all hosts. <A name="1259809" target="_blank"> </A> </LI><LI>If a name is provided instead of a UID, that name is looked up&nbsp; according to the order specified in the /etc/nsswitch.conf file to&nbsp; determine the corresponding UID to be assigned by the <KBD>anon</KBD> option. </LI></UL><P></P><P>Clarifies it. Is there anything else that I am missing to understand?</P></BODY></HTML> Tue, 15 Mar 2011 18:20:21 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/NFS-root-option/m-p/37207#M3398 ashutosh83 2011-03-15T18:20:21Z https://community.netapp.com/t5/Network-and-Storage-Protocols/NFS-root-option/m-p/37212#M3400 <HTML><HEAD></HEAD><BODY><P>The root option gives the root user on an NFS client full privileges on the export. Otherwise, the root user, as you said effectively gets mapped to a UID corresponding to "nobody", a user that has no special privileges.</P><P></P><P>You may use it if you want to prevent someone who has root access on a client system from making changes on the filesystem. To be honest, it is not widely used these days.</P><P></P><P>Richard</P></BODY></HTML> Wed, 16 Mar 2011 14:14:48 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/NFS-root-option/m-p/37212#M3400 rmharwood 2011-03-16T14:14:48Z