How to prevent NFS clients from changing file ownership and permissions
Issue
- NFS clients were able to change file attributes like ownership and permissions even though
root_squash
orall_squash
was set on the NFS server - Why
anonuid
andanongid
are not enforcing the uid and gid on the NFS mounted exports?
Environment
-
Red Hat Enterprise Linux (RHEL) 5.x, 6.x, 7.x, 8.x
- All (RHEL) NFS Servers using the
nfs-utils
package -
Exporting NFS shares with
anonuid=0
oranongid=0
orno_root_squash
:# cat /etc/exports /nfs/export1 *(rw,all_squash,anonuid=0,anongid=0) /nfs/export2 *(rw,no_root_squash)
- All (RHEL) NFS Servers using the
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.