Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 9 Jul 2012 12:50:12 +0300
From:      Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
To:        Rick Macklem <rmacklem@uoguelph.ca>
Cc:        freebsd-current@freebsd.org, Vincent Hoffman <vince@unsane.co.uk>
Subject:   Re: Occassional "permission denied" in the middle of a large transfer over NFS
Message-ID:  <20120709095012.GB1338@pm513-1.comsys.ntu-kpi.kiev.ua>
In-Reply-To: <854827461.102645.1341791291213.JavaMail.root@erie.cs.uoguelph.ca>
References:  <4FF9C4F6.9020402@unsane.co.uk> <854827461.102645.1341791291213.JavaMail.root@erie.cs.uoguelph.ca>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sun, Jul 08, 2012 at 07:48:11PM -0400, Rick Macklem wrote:
>
> > Replying to myself just as a record, I have tried nfse and I didnt get
> > the permission denied at all.
> > The only issue I had with it is that it strictly adheres to the syntax
> > in exports(5) while mountd is a little more flexible.
> > 
> > I had
> > /usr/local/export -alldirs -maproot=root 85.xx.xx.xx
> > 
> > /usr is the root of that filesystem
> > 
> > mountd - allowed this but actually silently exports /usr (and all dirs
> > below)
> > 
> Not exactly correct. mountd exports the entire file system in the kernel
> for the NFS server, since exports can only be attached to the mount points
> in the kernel. However, when the client's mount protocol requests a mount
> file handle for anything other than /usr/local/export, it will refuse that.
> (Which means that to mount anything other than /usr/local/export, the client
>  must maliciously "guess" the file handle for mounting.)
> 
> Put another way, a "non-malicious" NFSv3 client will only be able to mount
> /usr/local/export. Robert Watson calls this an "administrative control" and
> feels that it is necessary.

According to the exports(5) manual page and this example (/usr is the mount
point and the -alldir option is given), this example means the following:
"export /usr/local/export only if it is or will be a mount point and
administratively export all subdirectories under it for NFSv2/3 clients".
Good description of the -alldirs option is given in the EXAMPLES section
from exports(5) in paragraph about "/cdrom -alldirs".

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120709095012.GB1338>