[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] NFS over SSH


We should probably be moving off-list soon, this is drifting away from
the topic of security.

On Fri, 4 Jun 2004, January Weiner wrote:

> > Not tested, but the server file system lacks the attributes you want to 
> > see on your linux client so I can't see how it could work.  For providing 
> > disk to multiple platforms, your server should be running unix or linux.  
> > The rest (NFS, Samba, whatever) is just cosmetics.
> Yeah.  OK, I tell you what the other problem is -- apart from our home
> directories, which are on our server.  There are university wide home
> directories for windows clients, and also shares with program files.  It
> would be nice to access them, too.  They are exported from ...VMS. :-))))

Access is no problem.  Useless as home directories, but as data 
repositories mounted as sub-directories of the proper home dir - 
no problem.  I do that from Windows 200X servers all the time.
Not sure you'd be able to run the program files (using wine?)
but it would be worth a try.

> > Except, of course, that the Bioinformatics group here is running 
> > DeadRat linux. >:(
> I really, really hate to say that, I've been using SuSE ever since around
> the 5th version, but the last SuSE release got me really pissed of, and we
> are considering alternatives at this point of time (debian to be specific).
> The problems for me are 
>   - my favorite number one: the persistent nfslock problem

Fixed by enabling the nfslock service on clients.  'rcnfslock start'
for the current session, 'insserv nfslock' to handle next reboot.

>   - the automatic mounting of USB devices with "sync" option -- welcome
>     back to floppy-and-DOS-era  (why not mount the hard disk that way, too?)

Hadn't noticed, what's the problem?

>   - problems with high uids in samba 

Come on, the patch you found is from mid-April, no way that was 
going to make it into SuSE 9.1, in particular since it hasn't
yet made it into the vanilla Samba 3.X.  SuSE needs to work with
the software as it is, they can't enhance every piece of software
they pack up to some sort of standard.

>   - printing: I distinctly remember that SuSE was able to detect CUPS
>     servers available on the network automatically and out of the box, so
>     what happened now?

Works for me, tested with two SuSE 9.1 boxes at home this weekend.

>   - dozens of minor configuration problems (ever tried to use ACPI on a 
>     laptop with SuSE 9.1?  

APM is a Known problem with kernel 2.6.X - but I really think it was the
right decision for SuSE to go for 2.6 this time.  Though they might have
included 2.4 as an option, like they did during the 2.2 -> 2.4 switch-
over (I forget which SuSE version that was) - but I realise this
complicates things a lot.

ACPI, by the way, only started working on my Asus L3 laptop when I 
upraded from SuSE 9.0 to 9.1.  Working perfectly now, as far as I
can determine, straight out of the box.  But 2.6 does have problems
which I'm hoping will have solutions soon - and maybe make it into a 
patched kernel from SuSE when they do.

>     ever worked with custom LDAP settings? 

Does Active Directory count?  Works fine with SuSE 9.0 as the client
(haven't tested 9.1 yet).

> Then, there is this general KDE-centric attitude, which could be bearable
> if there were not so many problems, little annoyances and occasional
> crashes while running it.  (For example, we have always some printing
> problems with konqueror/kprinter, sometimes it works, sometimes not,
> sometimes it crashes, sometimes it produces a dozen of blank pages.
> Mozilla does not seem to print at all via kprinter in SuSE 9.1...).  

All works fine on KDE 3.whatever on SuSE 8.2, 9.0, and 9.1 here.  No
problems, straight out of the box.

I have had my problems with SuSE.  8.1 was badly broken, for instance,
and I was never happy with the late 7.X editions.  But do attack them
on what they've done, not on stuff where they depend on others (Samba
and kernel developers for instance) and really have no choice on what
they deliver.  Changing distro based on that will leave you with 
exactly the same problems + a few new ones related to having to figure
out a new setup.

Bjørn Tore Sund           Phone:  (+47) 555-84894    Stupidity is like a
System administrator      Fax:    (+47) 555-89672    fractal; universal and
Math. Department          Mobile: (+47) 918 68075    infinitely repetitive.
University of Bergen      VIP:    81724
Support: system@xxxxxxxxx Contact: teknisk@xxxxxxxxx Direct: bjornts@xxxxxxxxx

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here