NFS: Different perms on same folder

Status
Not open for further replies.

the_jest

Explorer
Joined
Apr 16, 2017
Messages
71
I'm trying to do something that I thought would have been common, but I can't make it work or find good discussion of proper approaches.

I have a FreeNAS box where the main volume is at /mnt/foobar/share. Under this, there is a straightforward array of subfolders (Music, Video, Documents, etc.).

I'd like to have /mnt/foobar/share available with different permissions to different IP addresses/ranges. Specifically, I have my main desktop at 192.168.1.10 that should have read/write access to everything, perhaps even connecting as root. Everything else on the 192.168.1.0/24 subnet should have read-only access to /mnt/foobar/share.

However, if I try to add the second share, I get a "This option is only available once per mountpoint" error at the "All directories" checkbox.

What's the correct way to do this? It seems I can add every path individually (i.e. /mnt/foobar/share/Music, /mnt/foobar/share/Video, etc.), but then the user would have to log in separately for each path. I simply want everything under share/ available to everyone, easily, just with different permissions for me at my desk as opposed to everything else.
 

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194

the_jest

Huh. Then what's the purpose of having authorized networks at all? Why not just make it visible to the entire world, and let the users/permissions handle it all?

I'm not being snarky. I'd think that if specifying particular networks or subnetworks provides additional security or access control, it would be beneficial to be able to do this on a case-by-case basis.
 

Ericloewe

Security yes. Access control, no. Permissions are a filesystem property and have nothing to do with the network.
 

Ericloewe

> Why not just make it visible to the entire world

The entire world is a bad idea, but certainly all the subnets that require access.
 