1

I'm trying to grant access to a single freeipa user to an nfs share (if possible the machine account). My etc exports looks like :

/data lemp1.domain.local(rw,sync,sec=krb5p)

And my working mount is : 

mount -t nfs4 -o sec=krb5p nfs1.domain.local:/data /data

Now I can mount the directory, I'm trying to be more restrictive, and allow only some kerberos accounts to authenticate, is there a way to do that ?

Thanks !

setenforce 1
  • 928
  • 5
  • 7
  • 2
    Fix the ownership and permissions of the exported files. – Michael Hampton Jan 23 '18 at 14:20
  • Thanks. However what I'm trying to accomplish is a machine-based kerberos authentication, and based on `ipa host-find --all`, hosts accounts doesn't have uid. Do they ? – setenforce 1 Jan 23 '18 at 16:01
  • 1
    You've already restricted it to a single machine. The ownership and permissions restrict which users can access the files. You have nothing left to do. – Michael Hampton Jan 23 '18 at 16:13

0 Answers0