paul@mecazh.UUCP (Paul Breslaw) (02/16/90)
Could someone kindly mail me those few instructions needed to give root super-user privileges on NFS mounted file systems. I know it is something to do with a symbol called 'nobody' in the kernel, but have forgotten the details. We have HP-UX 7.0 on 9000/3xx. Many thanks Paul Breslaw -- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Paul Breslaw, Mecasoft SA, | telephone : 41 1 362 2040 Guggachstrasse 10, CH-8057 Zurich, | e-mail : mcsun!chx400!mecazh!paul Switzerland. | paul@mecazh.UUCP
johnb@hpubvwa.HP.COM (John Blommers) (02/17/90)
This has to do with using adb to edit the unix kernel and change the value of nobody from -2 to zero. This is not the brightest thing to do to your servers, you know, since any root user on any client can now accidentally do a dread rm * on some part of the server file system, buying you big headaches.
burzio@mmlai.UUCP (Tony Burzio) (02/19/90)
In article <11590023@hpubvwa.HP.COM>, johnb@hpubvwa.HP.COM (John Blommers) writes: > This is not the brightest thing to do to your servers, you know, > since any root user on any client can now accidentally do a dread > rm * on some part of the server file system, buying you big > headaches. How then do you back up a remote machine? The REALLY bright thing to do is to provide rdump with HP-UX. I know, I know, it's in V7, but I truly don't believe that V7 actually exists, just the manuals are shipped to bewilder the innocent :-) I got my first V8 release announcement from HP on Friday :-) By the way, I was wandering around an SG machine the other day, kicking the tires and such, and it looks like they can allow root access from a particular machine, instead of the blanket access of the kernel patch. Is this something that HP will provide, say in a future (sigh) release? ********************************************************************* Tony Burzio * Stumbling blindly into the future... Martin Marietta Labs * mmlai!burzio@uunet.uu.net * *********************************************************************
tomg@hpcvlx.cv.hp.com (Thomas J. Gilg) (02/21/90)
> By the way, I was wandering around an SG machine the other day, kicking > the tires and such, and it looks like they can allow root access from a > particular machine, instead of the blanket access of the kernel patch. > Is this something that HP will provide, say in a future (sigh) release? You might want to look into /etc/hosts.equiv Based on another posting of your's later on, it sounds like you are trying to create _one_ super cluster that is really made up of two clusters. Hope this helps, Thomas Gilg tomg@cv.hp.com
icsu6000@caesar (Jaye Mathisen) (02/22/90)
> By the way, I was wandering around an SG machine the other day, kicking > the tires and such, and it looks like they can allow root access from a > particular machine, instead of the blanket access of the kernel patch. > Is this something that HP will provide, say in a future (sigh) release? I hope so... Even DEC has this "feature" and it suprises/annoys me that HP doesn't. It sure is useful, even if it makes the machine a little less "secure", I feel better knowing which nodes will screw it up via the root user mapping to 0 or nobody. C'mon HP! :-) -- +-----------------------------------------------------------------------------+ | Jaye Mathisen,systems manager Internet: icsu6000@caesar.cs.montana.edu| | 410 Roberts Hall BITNET: icsu6000@mtsunix1.bitnet | | Dept. of Computer Science |