Date: Tue, 18 Aug 2020 15:57:17 +0000 From: Rick Macklem <rmacklem@uoguelph.ca> To: Julien Cigar <julien@perdition.city>, Allan Jude <allanjude@freebsd.org> Cc: "freebsd-fs@freebsd.org" <freebsd-fs@freebsd.org> Subject: Re: nested zfs datasets and NFS4 Message-ID: <QB1PR01MB336497D16D7B0198A7AE3423DD5C0@QB1PR01MB3364.CANPRD01.PROD.OUTLOOK.COM> In-Reply-To: <QB1PR01MB336458BE84B1BBB2A5AD978EDD5C0@QB1PR01MB3364.CANPRD01.PROD.OUTLOOK.COM> References: <20200818091643.7yur2ix52z7kppea@x1> <06bf3020-a8b1-8754-7a76-a34086fc1e6b@freebsd.org>, <20200818140502.3s4uc6g3r7lagpfp@x1>, <QB1PR01MB336458BE84B1BBB2A5AD978EDD5C0@QB1PR01MB3364.CANPRD01.PROD.OUTLOOK.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
Julien Cigar wrote:=0A= >On Tue, Aug 18, 2020 at 09:19:45AM -0400, Allan Jude wrote:=0A= >> On 2020-08-18 05:16, Julien Cigar wrote:=0A= >> > Hello,=0A= >> >=0A= >> > With the following configuration (1) I don't understand why do I have= =0A= >> > access to /usr/jails/j_www1/filer/webapps/phegea as it is not mounted.= .?=0A= >> > I thought that with nested ZFS datasets each dataset should be exporte= d=0A= >> > and mounted explicitely ..=0A= >> >=0A= >> > (1): https://gist.githubusercontent.com/silenius/2f4e1418d77074d610996= b0977776f18/raw/2cb2e5d0bb7ebd9c8e69d6c14245c41051c11bf5/gistfile1.txt=0A= >> >=0A= >> > any idea?=0A= >> >=0A= >> > Thanks,=0A= >> > Julien=0A= >> >=0A= >> >=0A= >>=0A= >> Are you using NFSv3 or v4 on the client?=0A= >=0A= >v4 only=0A= >=0A= >>=0A= >> With v4, you can cross mount boundries with a single nfs mount. This is= =0A= >> very useful for things like NFS mounting homedirs, as you can mount just= =0A= >> home and have access to each user's personal dataset with out 100s of=0A= >> separate mounts on the client.=0A= If you don't want the NFSv4 server to cross server mount points, you can se= t:=0A= vfs.nfsd.mirrormnt=3D0=0A= (The name isn't very intuitive, but it is what Linux used.)=0A= =0A= >interesting, I thought it was the opposite. I guess that /etc/exports is= =0A= >still taken into account when I'd like to mount a nested dataset as=0A= >read only for example?=0A= If there is no entry in /etc/exports for the file system, the mount point= =0A= would be visible (assuming vfs.nfsd.mirrormnt=3D1), but no access to the=0A= files should be allowed.=0A= =0A= *** The above should have said "...for that client for the file system...".= =0A= =0A= >>=0A= >> If you want a child dataset NOT to be reachable, 'zfs set sharenfs=3Doff= =0A= >> dataset', and it will not be reachable via NFSv4=0A= >>=0A= >=0A= >I don't use sharenfs (I prefer /etc/exports), and it is off by default:=0A= >=0A= >filer1% zfs get sharenfs data/webapps data/webapps/phegea=0A= >NAME PROPERTY VALUE SOURCE=0A= >data/webapps sharenfs off default=0A= >data/webapps/phegea sharenfs off default=0A= >=0A= >(the reason why I'm not using "sharenfs" is that it was impossible in=0A= >the past (don't know if it's still the case) to have multiple export=0A= >lines for the same dataset, so it was impossible to export a dataset rw=0A= >for somehost and ro for anotherhost)=0A= =0A= rick=0A= =0A= > --=0A= > Allan Jude=0A= >=0A= =0A= =0A= =0A= =0A= --=0A= Julien Cigar=0A= Belgian Biodiversity Platform (http://www.biodiversity.be)=0A= PGP fingerprint: EEF9 F697 4B68 D275 7B11 6A25 B2BB 3710 A204 23C0=0A= No trees were killed in the creation of this message.=0A= However, many electrons were terribly inconvenienced.=0A= _______________________________________________=0A= freebsd-fs@freebsd.org mailing list=0A= https://lists.freebsd.org/mailman/listinfo/freebsd-fs=0A= To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org"=0A= =0A= _______________________________________________=0A= freebsd-fs@freebsd.org mailing list=0A= https://lists.freebsd.org/mailman/listinfo/freebsd-fs=0A= To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org"=0A=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?QB1PR01MB336497D16D7B0198A7AE3423DD5C0>