Date: Fri, 2 Dec 2022 16:04:05 -0800 From: Rick Macklem <rick.macklem@gmail.com> To: Olivier Certner <olivier.freebsd@free.fr> Cc: freebsd-current@freebsd.org Subject: Re: RFC: nfsd in a vnet jail Message-ID: <CAM5tNy63yE%2BL0rjfdYSs_WVwh3_gi8fmRVNiTu9BEKzNj_iYgA@mail.gmail.com> In-Reply-To: <8351812.Gc231LQI4k@ravel> References: <CAM5tNy7CQaBTRWG0m0aN6T0xG2L2zSQJGa%2BatGaH%2BmW%2BwEpdyQ@mail.gmail.com> <1955021.aDjkhKmpDe@ravel> <CAM5tNy5a9GYjJcjXLQvsjF77Gsu6yej5XR=mMTAuVKWxoNfR1A@mail.gmail.com> <8351812.Gc231LQI4k@ravel>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] I think this is worthy of third party testing now. See https://people.freebsd.org/~rmacklem/nfsd-vnet-prison-setup.txt I still haven't tried NFSv3 and I have not ported nfsuserd into the vnet, but most NFSv4 setups don't need it anyhow. Good luck with it if you test it, rick ps: Just replied to a random post for this. On Fri, Dec 2, 2022 at 7:41 AM Olivier Certner <olivier.freebsd@free.fr> wrote: > > To enforce it for cases where mountd/nfsd is not being run would > > definitely be a POLA violation. > > I could not agree more. > > Thanks for the clarification. > > -- > Olivier Certner > > > > [-- Attachment #2 --] <div dir="ltr"><div class="gmail_default" style="font-family:monospace">I think this is worthy of third party testing now.</div><div class="gmail_default" style="font-family:monospace">See <a href="https://people.freebsd.org/~rmacklem/nfsd-vnet-prison-setup.txt">https://people.freebsd.org/~rmacklem/nfsd-vnet-prison-setup.txt</a></div><div class="gmail_default" style="font-family:monospace"><br></div><div class="gmail_default" style="font-family:monospace">I still haven't tried NFSv3 and I have not ported nfsuserd into the vnet,</div><div class="gmail_default" style="font-family:monospace">but most NFSv4 setups don't need it anyhow.</div><div class="gmail_default" style="font-family:monospace"><br></div><div class="gmail_default" style="font-family:monospace">Good luck with it if you test it, rick</div><div class="gmail_default" style="font-family:monospace">ps: Just replied to a random post for this.</div><div class="gmail_default" style="font-family:monospace"></div><div class="gmail_default" style="font-family:monospace"><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Dec 2, 2022 at 7:41 AM Olivier Certner <<a href="mailto:olivier.freebsd@free.fr">olivier.freebsd@free.fr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">> To enforce it for cases where mountd/nfsd is not being run would<br> > definitely be a POLA violation.<br> <br> I could not agree more.<br> <br> Thanks for the clarification.<br> <br> -- <br> Olivier Certner<br> <br> <br> <br> </blockquote></div>home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAM5tNy63yE%2BL0rjfdYSs_WVwh3_gi8fmRVNiTu9BEKzNj_iYgA>