Unsolved
1 Rookie
•
32 Posts
0
1152
October 4th, 2021 05:00
NFS export hiding
Hi,
the PowerShell OneFS Seurity Configuration Guide 9.2.0.0 explains how to hide nfs exports from unauthorized hosts. I did the following:
isi_gconfig registry.Services.lwio.Parameters.Drivers.nfs.MountdDeniedStatusOnNotAllowed=1
isi_for_array /usr/likewise/bin/lwsm restart onefs_nfs
But every host, allowed or not, can still view the whole exports list with "showmount -e". I can only disable the showmount command, but then even the authorized hosts cannot see the export status.
What am I doing wrong?
Dirk
DELL-Sam L
Moderator
•
7.7K Posts
0
October 4th, 2021 13:00
Hello dirkuos,
Are you using OneFS: Best practices for NFS client settings? Here is a link to the kb if you need it. https://dell.to/3a6WI8G
dirkuos
1 Rookie
•
32 Posts
0
October 19th, 2021 01:00
Hi,
no, it's not about the client configuration. I'm talking aubout the manual "PowerScale OneFS: Security Configuration Guide 9.2.0.0.". On page 59 under "NFS best practices" and "Enable export hiding" it says, that you can set the system variable registry.Services.lwio.Parameters.Drivers.nfs.MountdDeniedStatusOnNotAllowed=1 to hide the exports from unauthorized hosts. I did set the variable and restarted the nfs service, but all clients can still view the exports with "showmount -e".
DELL-Sam L
Moderator
•
7.7K Posts
0
October 19th, 2021 15:00
Hello dirkuos,
You are going to need to open a support case so that we can look at the logs to see why it is not hiding the exports.