Months ago, NetApp added a capability to use subnets to define root access(I think it was even in version 4.3.4R3). Not as flexible as netgroup, but an acceptable alternative that they informed us has much better performance. The netgroups can be scanned for mount priviledge, but writes could be slowed down by that kind of scan every time. The subnet check was quicker.
At 4:26 PM +0200 5/19/00, Thaller Horst (MDCA Villach) wrote:
The "root"-option is more secure, but this setting has one big drawback: You cannot use netgroup names with the -root option and you can specify only 256 host names!
If you have only few machines, the -root option is the better choice. In large server farms with more than 256 machines that are running CDE+dtlogin (XDMCP) the -root option will not work.
Horst
-----Original Message----- From: Bruce Sterling Woodcock [mailto:sirbruce@ix.netcom.com] Sent: Freitag, 19. Mai 2000 16:00 To: Thaller Horst (MDCA Villach); bhaskar.g@philips.com; toasters@mathworks.com Subject: Re: Problem in Saving CDE Settings
I think it´s a problem with the permissions on your home directory. The dtlogin process (CDE) reads and writes configuration files in the homedirectory (~/.dtlogin/..). The owner of the process is root --> But
root
has not permissions on mounted directories!
Try out to export your homedirecties with the "anon=0"-flag in
/etc/exports
-or- you should open your homedirectories for everybody (chmod 777 homedir)
:-((
to avoid this problem.
Yikes! Both are very insecure choices for a solution!!!
The correct answer is to simply export the home directories with root access for those machines that are running CDE that they are logging in through.
Bruce
}}}===============>> LLNL James E. Harm (Jim); jharm@llnl.gov (925) 422-4018 Page: 423-7705x57152