Manualshelf

Open System Services NFS Management and Operations Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
51525354555657585960
File-Access Control
User IDs
To access files managed by the OSS NFS servers, a client must have a user ID (either explicitly
specified or by default). In addition, if the NULL-ALIAS-OK attribute of the corresponding OSS NFS
server is FALSE, an OSS NFS client user ID must be mapped to a specific OS user ID.
File Permissions
Following the UNIX model, OSS NFS file permissions are expressed as an array of user classes
represented by internally stored octal values specifying the capabilities granted to each class.
This table describes OSS NFS user categories:
DescriptionCategory
The owner of the fileUser
Members of the owner’s groupGroup
All other usersOther
OSS NFS offers these file permissions:
Read access
Write access
Execute access
Each of these permissions can be independently granted (represented by 1) or denied (0) for each
user category. When the three permissions are written in the order: read-write-execute, together
they form a single three-bit octal value. This value defines the overall file permission for a user
category.
This table shows an example:
OtherGroupUser
NoneRead+ExecuteRead+Write+ExecutePermissions
---r-xrwxSymbolic representation
000 = 0101 = 5111 = 7Octal representation
The OSS NFS ALIAS attribute of a USER object specifies a mapping between the OSS NFS client
user ID and a local OS user ID. This information is stored in the NonStop system directories. The
flow chart in Figure 5 (page 59) shows how OSS NFS determines whether an access request is
valid.
NOTE: To handle clients unknown to OSS NFS, SERVER objects can be configured to use the
nobody client-user ID (-2).
58 OSS NFS Security