From owner-freebsd-questions  Tue Nov 26 14:27:36 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id OAA01551
          for questions-outgoing; Tue, 26 Nov 1996 14:27:36 -0800 (PST)
Received: from who.cdrom.com (who.cdrom.com [204.216.27.3])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA01541
          for <questions@FreeBSD.org>; Tue, 26 Nov 1996 14:27:33 -0800 (PST)
Received: from shiva.jussieu.fr (shiva.jussieu.fr [134.157.0.129])
          by who.cdrom.com (8.7.5/8.6.11) with ESMTP id NAA13613
          for <questions@freebsd.org>; Tue, 26 Nov 1996 13:15:07 -0800 (PST)
Received: from mekong.biomath.jussieu.fr (mekong.biomath.jussieu.fr [134.157.72.87])
          by shiva.jussieu.fr (8.8.3/jtpda-5.2) with SMTP id WAA17403
          ; Tue, 26 Nov 1996 22:13:50 +0100 (MET)
Received: from iaka.biomath.jussieu.fr (iaka) by mekong.biomath.jussieu.fr (5.67b/jn930126+af960928(mailhost))
	  at Tue, 26 Nov 1996 22:13:30 +0100
Received: by iaka.biomath.jussieu.fr (5.67b/jf930126)
          at Tue, 26 Nov 1996 22:13:28 +0100
From: af@biomath.jussieu.fr (Alain FAUCONNET)
Message-Id: <199611262113.AA00455@iaka.biomath.jussieu.fr>
Subject: Re: NFS Client problems
To: jadaan@eecs.umich.edu (Khaleel Al-Jadaan)
Date: Tue, 26 Nov 1996 22:13:27 +0100 (GMT+0100)
Cc: questions@FreeBSD.org
In-Reply-To: <Pine.GSO.3.95.961126152536.10019C-100000@soso.eecs.umich.edu> from Khaleel Al-Jadaan at "Nov 26, 96 03:33:11 pm"
X-Mailer: ELM [version 2.4ME+ PL19 (25)]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-questions@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

Khaleel Al-Jadaan wrote / a ecrit:
> 
>  Well Alain,
> 
>    Both clients and server run FreeBSD version 2.1.5, I am using DNS.
>   But not NIS. My exports file looks like this:
>   
>   /usr/home -ro -mapall:172.16.1.2:172.16.1.3  #IP of the two clients
> 
>   My network consists of three machines, one server and two clients.
> 
>   The root on the client machines can perform the mount without any
>  problems, but other users are denied with massage (Client credentials
>  too weak). Hope thats enough information and a crystal ball is not
>  needed. 

Well honestly I've always considered that  mount(8)  was  reserved  to
root. The man page doesn't state state it is, but that seems  more  or
less implicit. I may br wrong.

On the other hand the man page for mountd(8) states that for  non-root
mount  requests  to  be  accepted,  it  has  to be started with the -n
option.

On  my  version  of FreeBSD (2.1-stable), the -mapall options seems to
have  different  semantics,  like  -mapall=user:group.  I'm not sure what you
expect  that /etc/exports file to do with -mapall=ip-address. Anyway I
can  see  that  allowing a non-root user to remote mount a fs exported
without the mapall option opens a major security  window !!

_Alain_
-- 
Alain FAUCONNET    Ingenieur systeme - System Manager     AP-HP/SIM
Public Health                91 bld de l'Hopital 75013 PARIS FRANCE
Medical Computing Research Labs         Mail: af@biomath.jussieu.fr
Tel: (+33) 1-40-77-96-19                   Fax: (+33) 1-45-86-80-68
    I've RTFMed. It says: "Refer to your system administrator"
            But... I *am* the system administrator :-]