exports

Access control for hosts

On each node, the file /opt/mapr/conf/exports lists the clusters and mount points available to mount with NFS.

Specify access control for hosts with a space-separated list of hosts, appending (rw) for read-write or (ro) for read-only access after each host. To specify a default access for all hosts not otherwise specified, add (rw) or (ro) after a space at the end of a line. The exports file follows the same semantics as a standard UNIX exports table. The following export options are supported:

Export option	Definition
ro	Provides read-only access.
rw	Provides read-write access.
root_squash	Squashes root privileges for remote users. For example, you can use: `/mapr (rw,root_squash)` This entry prevents the `/mapr` directory from being written to by the root user on remote hosts.
no_root_squash	Turns off root squashing for remote users.
all_squash	Squashes every remote user, including root.
anonuid, anongid	Specifies user and group IDs to use with remote users from a particular host.

Restricting clusters to specific hosts

To restrict access to a specific export path to particular hosts, use the following format:

<Path> <space-separated list of hosts and access rights>

For example, the line /mapr/cluster1 host01(rw) host02(ro) restricts read-write access to the cluster in /mapr/cluster1 to host host01, and restricts read-only access to host host02. No other hosts have access.

NOTE

After making changes to this file, you do not have to restart the NFS server. You can run a maprcli command to refresh the exports definition without a restart. See nfsmgmt refresh exports.

Sample exports file

# Sample Exports file

# for /mapr exports
# <Path> <exports_control>

#access_control -> order is specific to default
# list the hosts before specifying a default for all
#  host01(ro) host02(ro) host03(ro) (rw)
#  enforces ro for a.b.c.d & 1.2.3.4 and everybody else is rw

# special path to export clusters in mapr-clusters.conf. To disable exporting,
# comment it out. to restrict access use the exports_control
#
/mapr (rw)

#to export only certain clusters, comment out the /mapr & uncomment.
# Note: this will cause /mapr to be unexported
#/mapr/clustername (rw)

#to export /mapr only to certain hosts (using exports_control)
#/mapr a.b.c.d(rw) e.f.g.h(ro)

# export /mapr/cluster1 rw to a.b.c.d & ro to e.f.g.h (denied for others)
#/mapr/cluster1 a.b.c.d(rw) e.f.g.h(ro)

# export /mapr/cluster2 only to e.f.g.h (denied for others)
#/mapr/cluster2 e.f.g.h(rw)

# export /mapr/cluster3 rw to e.f.g.h & ro to others
#/mapr/cluster2 e.f.g.h(rw) (ro)

HPE Ezmeral Data Fabric – Customer-Managed 7.9.0 Documentation
Abstract	This site contains documentation for the customer-managed platform of the HPE Ezmeral Data Fabric version 7.9.0 including installation, configuration, administration, and reference content, as well as content for the associated bundled ecosystem components and drivers.
Published	November 2024
Edition	7.9.0