Newsroom Update

Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: AppleJason
AppleJason Author
User level: Level 1
32 points

nfs home directory question

I'm trying to setup a new 10.6.8 server with NFS home shares instead of AFP, so that more than one user can log onto the computer at a time. (fast user switching on)


I've created a new folder on the server for the NFS share, unchecked AFP, checked NFS.... export to world.... then...


my question is:


Mapping: should this be ROOT TO ROOT? or ROOT TO NOBODY (the default, 3rd down, option)?


Minimum security....Standard or should I turn on Kerberos and select one of these options?


I don't want users to be able to see other users home directories. We're a totally 10.6.8 mac client/server environment.

iMac, Mac OS X (10.6.8), i5 with Thunderbolt

Posted on Sep 24, 2012 3:09 AM

Reply
Question marked as Best reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Posted on Sep 24, 2012 4:14 PM

Mapping: should this be ROOT TO ROOT? or ROOT TO NOBODY (the default, 3rd down, option)?


Largely irrelvant - at least for home directories. This option only affects what happens when a root user tries to mount the shared directory - 'root to root' means that the root user gets root-level access to the filesystem. 'root to nobody' means that the root user is mapped to 'nobody', an unprivileged account. In some ways, 'root to nobody' makes more sense, although then all root-privileged changes to the directory have to be made on the server itself, rather than over the network.


Minimum security....Standard or should I turn on Kerberos and select one of these options?


If you're running a kerberized environment (including Open Directory with mapped clients) then Kerberos would be preferred.

View in context
1 reply
Question marked as Best reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Sep 24, 2012 4:14 PM in response to AppleJason

Mapping: should this be ROOT TO ROOT? or ROOT TO NOBODY (the default, 3rd down, option)?


Largely irrelvant - at least for home directories. This option only affects what happens when a root user tries to mount the shared directory - 'root to root' means that the root user gets root-level access to the filesystem. 'root to nobody' means that the root user is mapped to 'nobody', an unprivileged account. In some ways, 'root to nobody' makes more sense, although then all root-privileged changes to the directory have to be made on the server itself, rather than over the network.


Minimum security....Standard or should I turn on Kerberos and select one of these options?


If you're running a kerberized environment (including Open Directory with mapped clients) then Kerberos would be preferred.

Reply

nfs home directory question

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up