From owner-freebsd-fs@FreeBSD.ORG  Mon Sep  8 09:36:49 2008
Return-Path: <owner-freebsd-fs@FreeBSD.ORG>
Delivered-To: freebsd-fs@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2B0781065686
	for <freebsd-fs@freebsd.org>; Mon,  8 Sep 2008 09:36:49 +0000 (UTC)
	(envelope-from jdc@koitsu.dyndns.org)
Received: from QMTA10.westchester.pa.mail.comcast.net
	(qmta10.westchester.pa.mail.comcast.net [76.96.62.17])
	by mx1.freebsd.org (Postfix) with ESMTP id C4B008FC23
	for <freebsd-fs@freebsd.org>; Mon,  8 Sep 2008 09:36:48 +0000 (UTC)
	(envelope-from jdc@koitsu.dyndns.org)
Received: from OMTA10.westchester.pa.mail.comcast.net ([76.96.62.28])
	by QMTA10.westchester.pa.mail.comcast.net with comcast
	id C9VT1a0030cZkys5A9coBv; Mon, 08 Sep 2008 09:36:48 +0000
Received: from koitsu.dyndns.org ([67.180.253.227])
	by OMTA10.westchester.pa.mail.comcast.net with comcast
	id C9cn1a0034v8bD73W9cnek; Mon, 08 Sep 2008 09:36:48 +0000
X-Authority-Analysis: v=1.0 c=1 a=_xSQw29cvt0A:10 a=mtup3TuceYcA:10
	a=QycZ5dHgAAAA:8 a=CjxIYXCZoYyU8TlV_H4A:9
	a=TS4qACugJpiZ2I4WPO_g7cvzf8MA:4
	a=EoioJ0NPDVgA:10 a=LY0hPdMaydYA:10
Received: by icarus.home.lan (Postfix, from userid 1000)
	id E2A3D17B84E; Mon,  8 Sep 2008 02:36:46 -0700 (PDT)
Date: Mon, 8 Sep 2008 02:36:46 -0700
From: Jeremy Chadwick <koitsu@FreeBSD.org>
To: Dmitry Morozovsky <marck@rinet.ru>
Message-ID: <20080908093646.GA63681@icarus.home.lan>
References: <alpine.BSF.2.00.0809071836130.76180@woozle.rinet.ru>
	<20080907220104.GA26094@icarus.home.lan>
	<alpine.BSF.2.00.0809080237580.53906@woozle.rinet.ru>
	<20080907233637.GA51889@icarus.home.lan>
	<alpine.BSF.2.00.0809081112410.53906@woozle.rinet.ru>
	<20080908091052.GA63182@icarus.home.lan>
	<alpine.BSF.2.00.0809081321100.74993@woozle.rinet.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <alpine.BSF.2.00.0809081321100.74993@woozle.rinet.ru>
User-Agent: Mutt/1.5.18 (2008-05-17)
Cc: freebsd-fs@freebsd.org, Pawel Jakub Dawidek <pjd@freebsd.org>
Subject: Re: ZFS filesystem: export for more than one subnet
X-BeenThere: freebsd-fs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
	<mailto:freebsd-fs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-fs>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Help: <mailto:freebsd-fs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
	<mailto:freebsd-fs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Sep 2008 09:36:49 -0000

On Mon, Sep 08, 2008 at 01:26:30PM +0400, Dmitry Morozovsky wrote:
> On Mon, 8 Sep 2008, Jeremy Chadwick wrote:
> JC> You changed the syntax of what I gave you as an example.  Look closely:
> JC> 
> JC> # zfs set sharenfs="ro,network=aaa/xx,network=bbb/yy,network=ccc/zz" some_fs
> JC> 
> JC> Here's what you typed in:
> JC> 
> JC> # zfs set sharenfs="ro,alldirs,network=195.54.192.0/26,192.168.39.0/24" bv/FreeBSD
> 
> Anyway, it does not work, alas:
> 
> marck@beaver:~# zfs set sharenfs="ro,alldirs,network=195.54.192.0/26,network=192.168.39.0/24" bv/FreeBSD
> marck@beaver:~# tail /var/log/daemon 
> Sep  8 13:22:11 <daemon.err> beaver mountd[25992]: network/host conflict
> Sep  8 13:22:11 <daemon.err> beaver mountd[25992]: bad exports list line /FreeBSD       -ro -alldirs -network
> marck@beaver:~# cat /etc/zfs/exports 
> # !!! DO NOT EDIT THIS FILE MANUALLY !!!
> 
> /FreeBSD        -ro -alldirs -network=195.54.192.0/26 -network=192.168.39.0/24 

Doh!  Bummer.  :-(

> What I' m trying to express is that there would be need to export the same file 
> system to different address blocks *with different options* - -such as rw/ro, 
> and/or maproot/mapall.

Correct me if I'm wrong: you want an equivalent of the below to actually
work (speaking strictly from an /etc/exports perspective):

/FreeBSD	-ro -alldirs -network=192.168.1.0/24
/FreeBSD	-rw -alldirs -network=192.168.100.0/24
/FreeBSD	-ro -alldirs -network=10.0.0.0/8

Is this right?  If so, I can imagine addressing/fixing this will be
complex.

> I'm starting to think we should either mimic such functionality from 
> OpenSolaris or invent it.

I agree.  A centralised command like share(1) would be sufficient for
what's needed; in concept, something like pw(8) for NFS shares.

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |