This post is more than 5 years old
1 Rookie
•
79 Posts
0
978
December 8th, 2016 08:00
Isilon ACL Question
We have a NFS share exported as no_root_squash. We would like to make one the directories under it read-only to root. How can we accomplish that?
root can still write even when we have this ACLs:
# ls -led dir-1
dr-xr-x--- + 2 root wheel 108 Dec 7 14:00 dir-1
OWNER: user:root
GROUP: group:wheel
0: user:root deny dir_gen_write
1: user:root allow dir_gen_read,dir_gen_execute,std_write_dac,dir_write_attr
2: group:wheel allow dir_gen_read,dir_gen_execute
3: everyone allow std_read_dac,std_synchronize,dir_read_attr
#
Any idea what we need to change to deny root from writing to the directory?
-Dan
No Events found!
sluetze
2 Intern
•
300 Posts
0
December 9th, 2016 03:00
you have to root_squash if you want to limit the access.
you can't limit root.
Dtek1
1 Rookie
•
79 Posts
0
December 21st, 2016 11:00
Thank you. I thought there would be a way using the Isilon ACLs. I confirmed that with support it can't be done.