Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am assigning an NFS datastore to our ESXI environment using system manager 2.2 and having trouble figuring out he proper way of doing the permissions. I would like to restrict access to only my two host and I'm trying to make sure to following the correct procedures because Im don't fully understanding the client permissions verses the root permissions when it comes to VMware.
Default settings in system manager:
Security: UNIX
Client Permissions: All Host read/write allow:yes
Anonymous access: Grant access to root users on all clients to the shared directory.
The options I am currently using:
Security: Unix
Client permissions:
- xxx.xxx.xxx.xxx read/write allow:yes
- xxx.xxx.xxx.xxx read/write allow:yes
Anonymous access: Grant root access to all hosts
is this the proper way to apply the security to an nfs datastore in VMware? Do I need a deny statement for all host under client permissions and even though "grant root access to all hosts" works is that the proper option considering I know VMware must have root access.
4 REPLIES 4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have two entries for each host in the Client Permissions section of the Export in System Manager 2.2. One is for Allow Read Write, the other is Allow Root Access. Under the Anonymous Access section, the "Grant access to root users on all clients to the shared directory" option is selected. Also, the "Enable setuid and setgid executables" option is checked.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the info. That was the answer I was looking for.
What does the SetUid and Setgid option actually do though?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have a look at this article. http://www.techrepublic.com/blog/security/understand-the-setuid-and-setgid-permissions-to-improve-security/2857
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please ignore this post I am being stupid!
