Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: [1]   Go Down

Author Topic: Anonymous access is enabled  (Read 5101 times)

0 Members and 1 Guest are viewing this topic.

Rgirl

    Topic Starter


    Newbie

    Anonymous access is enabled
    « on: May 25, 2009, 10:08:59 PM »
    Hi...

    I have this ESM violation in UNIX

    Anonymous access is enabled

    The named NFS exported directory allows anonymous access. If the anon option is not present or if it is set to a value other than -1, anonymous access is allowed. You should set the value of the anon option to -1 to disable anonymous access.

    How to solve this ... Im just a beginner and just less knowledge in UNIX

    Thanks in advance
    Logged

    Rob Pomeroy



      Prodigy

    • Systems Architect
      • Thanked: 124
      • Me
    • Experience: Expert
    • OS: Other
    Re: Anonymous access is enabled
    « Reply #1 on: May 26, 2009, 04:43:11 AM »
    First off: are you sure you need to use NFS?  If not, just disable the service.
    Logged
    Only able to visit the forums sporadically, sorry.

    Geek & Dummy - honest news, reviews and howtos

    Rgirl

      Topic Starter


      Newbie

      Re: Anonymous access is enabled
      « Reply #2 on: May 26, 2009, 07:40:38 PM »
      Quote from: Rob Pomeroy on May 26, 2009, 04:43:11 AM
      First off: are you sure you need to use NFS?  If not, just disable the service.

      Hi Rob,

      Yes, other users are using this device so I just can't disable the NFS ...  I just can't figure out how to disable anonymous access  :-\
      Logged

      Rob Pomeroy



        Prodigy

      • Systems Architect
        • Thanked: 124
        • Me
      • Experience: Expert
      • OS: Other
      Re: Anonymous access is enabled
      « Reply #3 on: May 27, 2009, 01:53:42 AM »
      Okay, well I'll prefix this with the disclaimer: I don't use and never have used NFS.  But my understanding is this: NFS allows mappings between users on the client system and users on the server system to determine what access (if any) the client has.  If on your Unixx system, files are owned by "Joe" and NFS maps this Joe to Joe on the client system, Andy, say will not have access.

      That's simplified because I've not considered group ownership, but you get the point.  Linux file systems have three sets of access permissions: the owner of the file, the group owner and everyone else.  Check the file permissions on your Unix box.  If you see something like "rwxr-x---" generally speaking anonymous access will not be enabled unless the anonymous (group) user for NFS is an owner of the file.

      I don't think I've explained that very well, but I've found a more detailed explanation here: http://www.troubleshooters.com/linux/nfs.htm.  It relates to Linux, but the same principles will apply to your Unix system.
      Logged
      Only able to visit the forums sporadically, sorry.

      Geek & Dummy - honest news, reviews and howtos

      banjo67xxx



        Beginner

        Thanked: 4
        • Certifications: List
        • Computer: Specs
        • Experience: Guru
        • OS: Linux variant
        Re: Anonymous access is enabled
        « Reply #4 on: May 27, 2009, 09:54:35 AM »
        If you try to access the filesystem over NFS from a server using the root account or from a Windows system which has no concept of UIDs, then you will be anonymous.

        In order to circumvent this you can specify in your exports file that you anonymous should be mapped to a specific UID. For example if a user called Andy always uses a PCcalled windows5 then you could put in the exports file an entry that says anon from windows5 is the UID for Andy.

        This warning message is simply telling you that anon is not mapped to -1 and so, for example, anyone else using that PC could access Andy's files.
        Logged
        Pages: [1]   Go Up
        « previous next »