Date: Tue, 9 Jan 1996 12:53:45 -0700 (MST) From: Terry Lambert <terry@lambert.org> To: hedley@cs.bris.ac.uk (David Hedley) Cc: freebsd-questions@freebsd.org Subject: Re: NFS exporting... Message-ID: <199601091953.MAA12657@phaeton.artisoft.com> In-Reply-To: <15419.821207468@danno> from "David Hedley" at Jan 9, 96 05:11:08 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> Why does mountd require that only file system mount points can be > NFS-exported? It seems to want to change some file system flags to reflect > the fact that it is now exportable, but it's a bit of an annoying > restriction. Is there some other reason for this behaviour? I assume you are referring to the inability to do mounts on a subdirectory of an exported FS? The point is to prevent bypass of directory level permissions on path components from the exported mountable file system root to the subdirectory you are interested in. This change first appeared (I believe) in SunOS 4.1.3. There are specific options to defeat this behaviour (see the man pages for details). Mostly, this has to do with the root id from the remote system being mapped as -2 and the -2 ID not being the owner or a memebr of the correct group to traverse the intermediate components. If you allow mapping of a remote root as local ID 0, this should also "fix" the "problem". That is, you must either implicitly or explicity compromise security for what you want to do to work, since what you want to do is a violation of security protocols. > p.s. What kernel do I need to be able to run the Linux emulation stuff? The one that came with your 2.1 installation. If you want to run the Netscape Linux JAVA stuff, you will need a -current kernel (and therefore an entire -current system because of proc.h and other changes) to enable Linux signal handling. Mostly because Netscape does a nasty-no-no and references signal structure contents. > p.p.s. Why does FreeBSD consume far more swap space than Linux? It doesn't. You might mean "why does my swap seem full?". If that is what you really meant, it's because putting stuff in swap rather than discarding it makes it faster to recover than if the pager had to go through the file system to pull in clean (unmodified) blocks from an executable. The actual amount of dirty pages that you can have in core at once is not reduced; the clean pages are displaced as necessary. (note: the above is from memory; there was some talk of modifying the reporting system so as to hide the clean pages as "not present"). Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199601091953.MAA12657>