From owner-freebsd-fs@FreeBSD.ORG  Wed Apr 18 23:53:29 2007
Return-Path: <owner-freebsd-fs@FreeBSD.ORG>
X-Original-To: freebsd-fs@freebsd.org
Delivered-To: freebsd-fs@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id AEC1816A401
	for <freebsd-fs@freebsd.org>; Wed, 18 Apr 2007 23:53:29 +0000 (UTC)
	(envelope-from amarat@ksu.ru)
Received: from zealot.ksu.ru (zealot.ksu.ru [194.85.245.161])
	by mx1.freebsd.org (Postfix) with ESMTP id 2C38113C483
	for <freebsd-fs@freebsd.org>; Wed, 18 Apr 2007 23:53:28 +0000 (UTC)
	(envelope-from amarat@ksu.ru)
Received: from zealot.ksu.ru (localhost.lnet [127.0.0.1])
	by zealot.ksu.ru (8.13.8/8.13.8) with ESMTP id l3INc0QY014691
	for <freebsd-fs@freebsd.org>; Thu, 19 Apr 2007 03:38:01 +0400 (MSD)
	(envelope-from amarat@ksu.ru)
Message-ID: <4626ABD8.1020205@ksu.ru>
Date: Thu, 19 Apr 2007 03:38:00 +0400
From: "Marat N.Afanasyev" <amarat@ksu.ru>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US;
	rv:1.8.1.2) Gecko/20070418 SeaMonkey/1.1.1
MIME-Version: 1.0
To: freebsd-fs@freebsd.org
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 7bit
Subject: adding a fs to /etc/exports deletes noexec flag from mount output
X-BeenThere: freebsd-fs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
	<mailto:freebsd-fs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-fs>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Help: <mailto:freebsd-fs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
	<mailto:freebsd-fs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Apr 2007 23:53:29 -0000

Hello!

How to solve the following problem:

I have some very large filesystems that are nfs-exported to some other 
machines, they are mounted there as noexec to make sure that no 
executable will be run from them. on machines where this filesystems 
mounted via nfs with noexec option in /etc/fstab, 
/etc/periodic/security/100.chksetuid doesn't try to find chuid/suid 
files on this filesystems.

On the host machine i see that as fast as i add filesystem to 
/etc/exports 'noexec' option disappears from mount output. and i have 
either to switch off /etc/periodic/security/100.chksetuid completely, or 
wait for find to traverse entire 2T filesystems with huge amount of 
files and directories. it locks up my raid device almost completely, and 
i can read info from device only as fast as 1m per second. It's somehow 
annoying :(

is there any other ways to solve this rather than switching off 
$daily_status_security_chksetuid_enable in /etc/periodic.conf?

-- 
SY, Marat