User's Guide
Managing Storage
Allowing Access to Data
4-17
Here is a list of sample entries in the host access file:
#class specifier host pattern rights
files /acct/usr it0 access=rw
files /acct/usr @guest access=ro
files /acct/etc it1 access=rw
files /acct/etc it2 access=rw
files /acct @general access=none
These five entries define the access to the /acct volume. In particular, the
first two entries define access to the /acct/usr directory. Read only
access is granted to the guest group (defined in the /etc/hostgrps
file). The next two entries allow read/write access to the machines it1 and
it2 to all files and directories in the /acct/etc directory. The last entry
is a catch-all, indicating that all other hosts have no access to the /acct
volume.
The following list demonstrates the use of wildcards and DNS domains:
#class specifier host pattern rights
files /engineering *.eng.nas.hp.com access=rw
files /engineering *.test.nas.hp.com access=ro
files /engineering @general access=none
files / @general access=none
The first three entries define the access allowed to the /engineering
volume. The wildcard (*) character was used to specify all the machines in
a DNS domain. The last two lines in the examples are catch-alls, indicating
that all other hosts have no access to the /engineering volume or any
other volume. These entries are optional since access is always denied if it
is not specifically granted.
To view and edit the host access file using the NetStorage web interface:
1 Using the NetStorage web interface, click the Storage tab, then select
Host Access.
2 Modify the file as you would in any text editor.
3 Click Save Changes when you are done editing.
Note If there is no entry in the approve file to define access to a volume, then
access is denied to all hosts. The root user, mounting from a Trusted Host,
always has full read/write access to all volumes, regardless of the access
rights specified in the approve file.