NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

Active IQ Unified Manager Discussions

NFS vmware data store permissions

stanleyj42
10,668 Views

I am assigning an NFS datastore to our ESXI environment using system manager 2.2 and having trouble figuring out he proper way of doing the permissions.  I would like to restrict access to only my two host and I'm trying to make sure to following the correct procedures because Im don't fully understanding the client permissions verses the root permissions when it comes to VMware.

Default settings in system manager:

Security: UNIX

Client Permissions: All Host read/write  allow:yes

Anonymous access: Grant access to root users on all clients to the shared directory.

The options I am currently using:

Security: Unix

Client permissions:

     - xxx.xxx.xxx.xxx read/write    allow:yes

     - xxx.xxx.xxx.xxx read/write    allow:yes

Anonymous access: Grant root access to all hosts

is this the proper way to apply the security to an nfs datastore in VMware?  Do I need a deny statement for all host under client permissions and even though "grant root access to all hosts" works is that the proper option considering I know VMware must have root access. 

4 REPLIES 4

skiser
10,668 Views

I have two entries for each host in the Client Permissions section of the Export in System Manager 2.2.  One is for Allow Read Write, the other is Allow Root Access.  Under the Anonymous Access section, the "Grant access to root users on all clients to the shared directory" option is selected.  Also, the "Enable setuid and setgid executables" option is checked.

stanleyj42
10,668 Views

Thanks for the info.  That was the answer I was looking for. 

What does the SetUid and Setgid option actually do though? 

BEEFY1471
10,668 Views

Please ignore this post I am being stupid!

Public