Re: Exporting (home) directories (Was: Re: SSHD defaults)

From: Dimitri Maziuk (dima@127.0.0.1)
Date: 06/29/02


From: Dimitri Maziuk <dima@127.0.0.1>
Date: Sat, 29 Jun 2002 17:20:20 +0000 (UTC)

begin 666 your_newsreader_is_broken
thus spake Stewart Honsberger:
... I was recently discussing my home
> network layout with a friend, one in which I export certain directories
> (home dirs, files, multimedia content, etc.) via both NFS and SMB, due
> to the mixed operating environment of myself and those with whom I share
> the house.
>
> Getting directly to my question; what is/are a) the best way to export
> directories across a network, and b) common practises in this regard?

On a firewalled LAN you'd usually go for NFS & Samba. There are
alternatives, like coda, but they're an overkill and a bitch to
get going in most cases.

> Some of the parameters go as follows;
>
> o For file directories, certain users on certain machines should have
> read/write access, many should have read-only access, and others still
> should have no access.

You should be able to do that with Unix user/groups & samba mappings.
They are not flexible enough for large number of users & groups, but
on a home LAN you should be OK.

> o Home directories. This is a given - multitudes of machines on the network,
> some with more than one user, each wanting access to their (centralized)
> home directory. Security in this regard is essential, for the reasons you
> state above and more, ad infinitum. Anybody could very easily connect a
> laptop to one of my active drops, create (and su to) a user, and they've
> got access to my or somebody else's home directory.

Set up a windows domain, central auth server (maybe LDAP?), get dhcpd
to check MAC addresses etc.

Dima

-- 
Politics and religion are just like software and hardware. They all suck, the
documentation is provably incorrect, and all the vendors tell lies.
                                                            -- Andrew Dalgleish