[wplug] Discuss: Networking in an insecure world
Dane Miller
dane at olneyfriends.org
Fri May 6 15:02:27 EDT 2005
John Harrold wrote:
> | We're looking to upgrade our network accounts/home directories model
> | from NIS/NFS to something a) more stable, b) more flexible, and c) more
> | secure. I'm seriously considering a "Samba-only" solution using winbind
> | and smbfs. The Samba team puts out great documentation, and my initial
> | tests of winbind are very positive. In fact, Samba does not seem
> | "backwards" to me at all compared to NIS/NFS.
>
> NIS and NFS works fine for us, though we are a relatively small shop (20-30
> networked devices) and we have decent control over access to our network.
One of my gripes with NFS/NIS is that I can't tell who is logged in and
accessing the server. This, I think, is because both are stateless
protocols. I'm using NFSv3 over TCP and can discover _active_ NFS
connections with netstat -t. But I can't tell if, for example, a user
logged in and then left her machine. Is there a better way to monitor
NFS/NIS connections to a server?
Another gripe is the $@%* file locking problems with NFS. The situation
has improved in the 2.4.2x kernels, but the NFS mailing list is still
rife with lock issues (or at least it was when I un-subscribed last
fall). Have you had to deal with file locking bugs?
Dane
--
Dane Miller
Technology Coordinator
Olney Friends School
Barnesville, Ohio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.wplug.org/pipermail/wplug/attachments/20050506/670c23d7/attachment.bin
More information about the wplug
mailing list