Setting Root, User, and Group Client Privileges
By default, the root user on the client is mapped to the anonymous user nobody on the server, which means that the root user on the client does not have full root privileges over the files on the mounted share. This default option can be made explicit by specifying root_squash. The opposite of this is no_root_squash, which allows the root user on the client full root privileges on the NFS share.
Unless there is a special reason to do otherwise, filesystems should be exported with the root_squash option.
The option all_squash is similar but maps all users to the user nobody. When the share is mounted, a normal user on the client will not be able to write to the share unless the permissions on the directory allow others to write to it. And any file that is created in this way will be owned by user nobody and group nogroup.
When using the all_squash option, you can also specify explicitly the user ID (UID) and group ID (GID) that you want users to be mapped to rather than the defaults for the user nobody. For example:
Was this article helpful?