From owner-freebsd-questions Tue Jan 9 11:56:52 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id LAA01724 for questions-outgoing; Tue, 9 Jan 1996 11:56:52 -0800 (PST) Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.211]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id LAA01717 for ; Tue, 9 Jan 1996 11:56:49 -0800 (PST) Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id MAA12657; Tue, 9 Jan 1996 12:53:45 -0700 From: Terry Lambert Message-Id: <199601091953.MAA12657@phaeton.artisoft.com> Subject: Re: NFS exporting... To: hedley@cs.bris.ac.uk (David Hedley) Date: Tue, 9 Jan 1996 12:53:45 -0700 (MST) Cc: freebsd-questions@freebsd.org In-Reply-To: <15419.821207468@danno> from "David Hedley" at Jan 9, 96 05:11:08 pm X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-questions@freebsd.org Precedence: bulk > Why does mountd require that only file system mount points can be > NFS-exported? It seems to want to change some file system flags to reflect > the fact that it is now exportable, but it's a bit of an annoying > restriction. Is there some other reason for this behaviour? I assume you are referring to the inability to do mounts on a subdirectory of an exported FS? The point is to prevent bypass of directory level permissions on path components from the exported mountable file system root to the subdirectory you are interested in. This change first appeared (I believe) in SunOS 4.1.3. There are specific options to defeat this behaviour (see the man pages for details). Mostly, this has to do with the root id from the remote system being mapped as -2 and the -2 ID not being the owner or a memebr of the correct group to traverse the intermediate components. If you allow mapping of a remote root as local ID 0, this should also "fix" the "problem". That is, you must either implicitly or explicity compromise security for what you want to do to work, since what you want to do is a violation of security protocols. > p.s. What kernel do I need to be able to run the Linux emulation stuff? The one that came with your 2.1 installation. If you want to run the Netscape Linux JAVA stuff, you will need a -current kernel (and therefore an entire -current system because of proc.h and other changes) to enable Linux signal handling. Mostly because Netscape does a nasty-no-no and references signal structure contents. > p.p.s. Why does FreeBSD consume far more swap space than Linux? It doesn't. You might mean "why does my swap seem full?". If that is what you really meant, it's because putting stuff in swap rather than discarding it makes it faster to recover than if the pager had to go through the file system to pull in clean (unmodified) blocks from an executable. The actual amount of dirty pages that you can have in core at once is not reduced; the clean pages are displaced as necessary. (note: the above is from memory; there was some talk of modifying the reporting system so as to hide the clean pages as "not present"). Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.