[CS-FSLUG] NFS Scenarios
Don Parris
gnumathetes at gmail.com
Sun Nov 7 20:18:14 CST 2004
On Sun, 07 Nov 2004 15:09:21 -0600, Tim Young <tim.young at lightsys.org> wrote:
> Don,
> I am not sure if there is a doc out there, but I can tell you how I handled it
> when I ran a lab full of computers and 500+ users.
>
> On the server we exported the entire /home directory to all the computers.
> Then we served NIS off the server. That is it. All working.
>
> What it does is this. NIS exports all the usernames, passwords, directories,
> groups, and UIDs. All computers joined to the NIS domain authenticate with the
> same username and password. And they all get the same home directory path
> given to each computer. /home/username. If the /home directory is exported,
> then whenever anyone logs in, they get their files off the server.
>
> This is the typical setup for NIS. That and exporting /usr/local off the
> server also. Though on the newer redhats they have changed this to
> /usr/share. So any pakages you have on your domain that you want "installed"
> across all your computers, you store on /usr/local/ (or /usr/share). Now that
> it is much easier with distributions to keep computes synchronized with the
> packages you have installed, it is not quite as important to have the
> /use/local or /usr/share directories exported.
>
> Life gets a little more complex if you also have samba installed and are using
> smb passwords. There are a few good ways to do that one also.
>
> Blessings,
>
> - Tim Young
>
>
I am aware there are security issues with NFS, but wasn't sure exactly
what was involved. I am also aware that NIS is insecure by design. I
would rather use LDAP in my case, as it offers a more secure solution
than NIS. I mainly was curious about how to implement a sensible NFS
configuration. I will read up on the articles pointed out to me in
your responses so far, and return with any further questions. Thanks
for the input.
--
DC Parris GNU Evangelist
http://matheteuo.org/
gnumathetes at gmail.com
Free software is like God's love -
you can share it with anyone anywhere anytime!
More information about the Christiansource
mailing list