You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/hpc-cache/configuration.md
+7-5Lines changed: 7 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: Explains how to configure additional settings for the cache like MT
4
4
author: ekpgh
5
5
ms.service: hpc-cache
6
6
ms.topic: conceptual
7
-
ms.date: 04/27/2020
7
+
ms.date: 05/06/2020
8
8
ms.author: v-erkel
9
9
---
10
10
@@ -37,13 +37,15 @@ Learn more about MTU settings in Azure virtual networks by reading [TCP/IP perfo
37
37
## Configure root squash
38
38
<!-- linked from troubleshoot -->
39
39
40
-
The **Enable root squash** setting controls how the Azure HPC Cache allows root access. Root squash helps to prevent root-level access from unauthorized clients.
40
+
The **Enable root squash** setting controls how Azure HPC Cache treats requests from the root user on client machines.
41
41
42
-
This setting lets users control root access at the cache level, which can help compensate for the required ``no_root_squash`` setting for NAS systems used as storage targets. (Read more about [NFS storage target prerequisites](hpc-cache-prereqs.md#nfs-storage-requirements).) It also can improve security when used with Azure Blob storage targets.
42
+
When root squash is enabled, root users from a client are automatically mapped to the user "nobody" when they send requests through the Azure HPC Cache. It also prevents client requests from using set-UID permission bits.
43
43
44
-
The default setting is **Yes**. (Caches created before April 2020 might have the default setting **No**.)
44
+
If root squash is disabled, a request from the client root user (UID 0) is passed through to a back-end NFS storage system as root. This configuration might allow inappropriate file access.
45
+
46
+
Setting root squash on the cache can help compensate for the required ``no_root_squash`` setting on NAS systems that are used as storage targets. (Read more about [NFS storage target prerequisites](hpc-cache-prereqs.md#nfs-storage-requirements).) It also can improve security when used with Azure Blob storage targets.
45
47
46
-
When enabled, this feature also prevents use of set-UID permission bits in client requests to the cache.
48
+
The default setting is **Yes**. (Caches created before April 2020 might have the default setting **No**.)
0 commit comments