Enable NFS v4.2 security labels
Contributors
Suggest changes
PDFs
Beginning with ONTAP 9.9.1, NFS security labels can be enabled. They are disabled by default.
About this task
With NFS v4.2 security labels, ONTAP NFS servers are Mandatory Access Control (MAC) aware, storing and retrieving sec_label attributes sent by clients.
For more information, see RFC7240
|
NFS v4.2 security labels are not currently supported for NDMP dump operations. If security labels are encountered on files or directories, the dump fails. |
Steps
-
Change the privilege setting to advanced:
set -privilege advancedLearn more about
setin the ONTAP command reference. -
Enable security labels:
vserver nfs modify -vserver svm_name -v4.2-seclabel enabledLearn more about
vserver nfs modifyin the ONTAP command reference.