release notes | Book: 1.9.5, 1.9.12 (opt, FHS), 2.11 (FHS), 2.12 (FHS), 2.13 (FHS), 2.14 (FHS), | Wiki | Q&A black_bg
Web: Multi-page, Single page | PDF: A4-size, Letter-size | eBook: epub black_bg

Access Control

The files /pnfs/fs/admin/etc/exports/<hostIP> and /pnfs/fs/admin/etc/exports/<netMask>..<netPart> are used to control the host-based access to the pnfs filesystem via mount points. They have to contain one line per NFS mount point. The lines are made of the following four space-separated fields fields:

  • Mount point for NFS (the part after the colon in e.g. host:/mountpoint)

  • The virtual PNFS path which is mounted

  • Permission: 0 means all permissions and 30 means disabled I/O.

  • Options (should always be nooptions)

In the initial configuration there is one file /pnfs/fs/admin/etc/exports/0.0.0.0..0.0.0.0 containing

/pnfs /0/root/fs/usr/ 30 nooptions

thereby allowing all hosts to mount the part of the pnfs filesystem containing the user data. There also is a file /pnfs/fs/admin/etc/exports/127.0.0.1 containing

/fs /0/root/fs 0 nooptions
/admin /0/root/fs/admin 0 nooptions

The first line is the mountpoint used by the admin node. If the pnfs mount is not needed for client operations (e.g. in the grid context) and if no tertiary storage system (HSM) is connected, the file /pnfs/fs/admin/etc/exports/0.0.0.0..0.0.0.0 may be deleted. With an HSM, the pools which write files into the HSM have to mount the pnfs filesystem and suitable export files have to be created.

In general, the user ID 0 of the root user on a client mounting the pnfs filesystem will be mapped to nobody (not to the user nobody). For the hosts whose IP addresses are the file names in the directory /pnfs/fs/admin/etc/exports/trusted/ this is not the case. The files have to contain only the number 15.