BSDCan2017 - 0722d
BSDCan 2017
The Technical BSD Conference
| Speakers | |
|---|---|
|
John Hixson |
| Schedule | |
|---|---|
| Day | Talks #2 - 10 June - 2017-06-10 |
| Room | DMS 1140 |
| Start time | 14:45 |
| Duration | 01:00 |
| Info | |
| ID | 845 |
| Event type | Lecture |
| Track | System Administration |
| Language used for presentation | English |
Understanding NFSv4 ACL's
NFSv4 Access Control Lists are hard. Many people have a hard time understanding them let alone how to utilize them. The purpose of this talk is to explain in detail how they work and to demonstrate this in action. Demonstrations will be given and questions will be answered so everyone learns.
Traditional UNIX permissions are very limited in the security they can provide. UNIX permissions can only be set for the owner, group and everyone else (other). NFSv4 access control lists can give a lot more flexibility in the security and access that can be provided. In the NFSv4 security model, owner, group, specific users, specific groups, everyone, etc can be configured. Complete control over the type of access you want is possible. This paper assumes you are running FreeBSD or FreeNAS. The object of this paper is to demonstrate how NFSv4 access control lists work by example with some explanation. It is assumed the reader is familiar with traditional UNIX permissions.