From owner-freebsd-hackers@FreeBSD.ORG Tue Jun 13 09:18:08 2006 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A728716A41A for ; Tue, 13 Jun 2006 09:18:08 +0000 (UTC) (envelope-from simon@comsys.ntu-kpi.kiev.ua) Received: from comsys.ntu-kpi.kiev.ua (comsys.ntu-kpi.kiev.ua [195.245.194.142]) by mx1.FreeBSD.org (Postfix) with ESMTP id BFEA343D53 for ; Tue, 13 Jun 2006 09:18:04 +0000 (GMT) (envelope-from simon@comsys.ntu-kpi.kiev.ua) Received: from pm513-1.comsys.ntu-kpi.kiev.ua (pm513-1.comsys.ntu-kpi.kiev.ua [10.18.52.101]) (authenticated bits=0) by comsys.ntu-kpi.kiev.ua (8.13.6/8.13.6) with ESMTP id k5D9J2Ka003995 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 13 Jun 2006 12:19:02 +0300 (EEST) Received: by pm513-1.comsys.ntu-kpi.kiev.ua (Postfix, from userid 1001) id D72625C024; Tue, 13 Jun 2006 12:17:48 +0300 (EEST) Date: Tue, 13 Jun 2006 12:17:48 +0300 From: Andrey Simonenko To: Jeremie Le Hen Message-ID: <20060613091748.GA753@pm513-1.comsys.ntu-kpi.kiev.ua> References: <20060421095610.GA1137@pm513-1.comsys.ntu-kpi.kiev.ua> <20060516092310.GA1110@pm513-1.comsys.ntu-kpi.kiev.ua> <20060612162424.GI19457@obiwan.tataz.chchile.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060612162424.GI19457@obiwan.tataz.chchile.org> User-Agent: Mutt/1.5.11 X-Spam-Status: No, score=-1.4 required=5.0 tests=ALL_TRUSTED autolearn=unavailable version=3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on comsys.ntu-kpi.kiev.ua X-Virus-Scanned: ClamAV 0.82/1456/Thu May 11 08:57:31 2006 on comsys.ntu-kpi.kiev.ua X-Virus-Status: Clean Cc: freebsd-hackers@freebsd.org Subject: Re: [fbsd] Re: Atomic updates of NFS export lists X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jun 2006 09:18:08 -0000 On Mon, Jun 12, 2006 at 06:24:24PM +0200, Jeremie Le Hen wrote: > > I've been annoyed in the past because I couldn't export two directories > from the same filesystem with different credentials [1]. > First, where does this limitation come from ? Then, is it possible to > remove this limitation without being too intrusive in the VFS code ? > > [1] http://lists.freebsd.org/pipermail/freebsd-net/2005-May/007300.html > In current implementation of NFSv2 and v3 filesystems are exported, not directories in filesystems. Suppose you have following configuration: /usr/a -mapall=user1 host1 /usr/b -mapall=user2 host2 /usr/a and /usr/b are in the same filesystem /usr. To start to work with /usr/a, a client host1 sends the MOUNT request to mountd. Mountd verifies that a client is allowed to work with /usr/a and sends a client special filehandle, which a client will use for conversation with nfsserver (the kernel part of NFS). Here the role of mountd is finished for client host1. When mountd starts, it parses /etc/exports and says the nfsserver following configuration: /usr -mapall=user1 host1 -mapall=user2 host2 The kernel knows nothing about settings for directories. As the result it verifies if a client is allowed to work with filesystem according to settings in a filesystem. Suppose you have: /usr/a -mapall=user1 host1 /usr/a -mapall=userx host2 /usr/b -mapall=user2 host2 Now there is a conflict, since host2 has two duplicated export specifications for one filesystem /usr. Exporting directories in a filesystem is good feature in such implementation of NFSv2 and v3 for honest hosts, but really is insecure. You can read more detail description about this at the end of updated exports(5). Right now I cannot answer if it is a good or bad idea, or if it is possible to respect Unix filesystem semantic when putting NFS export specifications to filesystems' directories, rather than to filesystems.