Network and Storage Protocols

Reports from netgroup/exports

ewilts_mc
3,390 Views

I'm looking to generate a report from the netgroup and exports files showing what host has what access (readonly, read/write) to which file systems.  Given that the negroup files contain nested groups, parsing it is non-trivial so I'm hoping that somebody has already done the work.

The final goal is to be able to generate an fstab for a host based on the permissions that the filer has.  If we add a host to a netgroup, we should be able to regenerate fstab entries for all file systems on that filer with the right mount options (ro, rw).

Any pointers would be greatly appreciated!

Thanks,

   .../Ed

2 REPLIES 2

bikash
3,289 Views

There is no direct or concise way to get the list that you are asking for.

From the clients you can use - "showmount -e <ipaddr_NetApp Storage>". This will list all the mounts upto 10000 entries.

From the NetApp Storage you can possiblely this information at one single point of time from the access cache contents.

The volume "test_vol" is exported out from the /etc/exports as follows:

/ect/test_vol     -sec=sys,ro=172.17.39.0/29,rw=172.17.39.0/22,root=172.17.39.72,nosuid

fas6080c-svl13*> exportfs -c 172.17.39.72 /vol/test_vol -ro

exportfs: 172.17.39.72 has ro access to /vol/test_vol

ewilts_mc
3,289 Views

Thanks Bikash, but that doesn't really help because you have not factored in the netgroup file at all.

The export uses entries like rw=@hostlist.  Given that, you need to go through the netgroup file where you may have nested netgroup entries (we do here).  So it's actually a fairly complex matter to determine which host has access to which exports.

I'm actually quite surprised that nobody has written anything like this before since it's pretty close to imperative for audit purposes.  Manually generating a list of which hosts have access to a specific mount point can be a very time-consuming exercise.

   .../Ed

Public