XtremeOwnage Posted May 4, 2023 Share Posted May 4, 2023 A simple request- Add ability to expose maproot / mapuser fields for NFS. These, can be quite handy especially combined with say, a kubernetes cluster with containers which may be running as root. This feature, apart of the NFS spec, allows incoming requests, to be mapped to particular user IDs. So, instead of the incoming request being read/written as root, you can maproot=1002, which would translate the root account into userid=1002. Likewise, mapuser, will map all user actions to a specific account. It appears, in the world of BSD AND TrueNAS, this is referred to as maproot, mapall where as in Linux, this is referred to as root_squash, all_squash. Linux documentation: https://linux.die.net/man/5/exports BSD documentation: https://man.freebsd.org/cgi/man.cgi?exports(5) This CAN be done currently, by modifying /etc/exports(ideally scripted), and reloading. However, I cannot find this functionality exposed via the user interface anywhere. If, this feature came to be, I would also recommend exposing the ability to alter anonuid / anongid. Quote Link to comment
Solution XtremeOwnage Posted May 15, 2023 Author Solution Share Posted May 15, 2023 (edited) For others looking for this functionality, it can be set with NFS rules, when using "private" mode. Ie, Set rule to: 10.2.5.0/24(sec=sys,rw,insecure,anongid=100,anonuid=99,all_squash) Edited May 18, 2023 by XtremeOwnage Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.