The /etc directory, The /etc/approve file – HP NetStorage 6000 User Manual
Page 98
Securing Data
HP NetStorage 6000 Security in a UNIX-only Environment
8-3
The /etc Directory
It is necessary to maintain a number of system files on the NetStorage 6000
in an accessible place for administrative purposes. Some of the more
common files found in this directory are:
All of these files are stored in the
/etc
directory on the first volume
created on the system. The files in the
/etc
directory are for system
management purposes and cannot be deleted. If the volume that stores the
/etc
directory is ever deleted, then the system moves the contents of this
directory to another available volume.
Most of the files in the
/etc
directory may be edited through the web
based user interface, or the telnet interface of the HP NetStorage 6000. In
some cases, it is necessary to edit these files directly using a text editor. By
default, all files in the
/etc
directory are owned by the root user, and may
only be edited by the root user. Therefore, the only way to edit these files
directly (using a text editor) is to mount the file system as the root user from
a Trusted Host. See “Trusted Hosts” on page 8-2.
The /etc/approve File
Since the NetStorage 6000 does not support the
/etc/exports
file,
support has been added for a file named
/etc/approve
. This file can
be used to restrict NFS access to particular clients on the network.
In order to restrict individual clients and groups of clients to specific
resources on the NetStorage server, the
/etc/approve
file must be
edited. The file may be edited manually, or from the web based user
interface, under the Host Access section of the Storage tab. Entries in the
/etc/approve
file have four fields. These fields are defined as follows:
Filename
Description
hosts
Resolves host names
hostgrps
Defines groups of host computers
approve
Restricts host access
users.map
Maps Windows user accounts to UNIX user accounts
group.map
Maps Windows group accounts to UNIX group accounts