Date: Thu, 21 Nov 2024 04:10:52 -0800 From: Rick Macklem <rick.macklem@gmail.com> To: Michael Proto <mike@jellydonut.org> Cc: FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org> Subject: Re: 14.1 NFS / mountd : -alldirs not working as expected Message-ID: <CAM5tNy6P8v_f6gwoa-J%2BQbxznqz5mNOQ-w%2B-eOm34aRSeuEdeQ@mail.gmail.com> In-Reply-To: <CAGAnWo3=mWG70R3k7rP8U0Gh7aWpTvFc5u2GLDWV=vQo38fX6Q@mail.gmail.com> References: <CAGAnWo3=mWG70R3k7rP8U0Gh7aWpTvFc5u2GLDWV=vQo38fX6Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 20, 2024 at 8:01=E2=80=AFPM Michael Proto <mike@jellydonut.org>=
wrote:
>
> Hello all,
>
> Running into an issue with a 14.1 server that I think is a bug, though
> it may be me not interpreting documentation correctly so I wanted to
> ask here.
=3Dalldirs simply means that any directory within the server file system
can be mounted. So, yes, everything up to the root dir can be mounted.
Normally, the directory for such an exports line would be the root director=
y
of the file system, but I doubt mountd actually enforces that, since the ex=
port
line is for "all directories" in the file system.
>
> Using NFSv3, with FreeBSD 14.1 as the NFS server. Based on what I see
> in exports(5), if I want to export conditional mounts (IE filesystem
> paths that are intermittently mounted locally on server)
No idea what you mean by "intermittently mounted locally"?
(An export will be for whatever file system is mounted for the directory
at the time mountd is started or updates exports when a SIGHUP is
sent to it.)
Exporting a file system that is not always mounted on the server is
a very bad idea imho. It would be much better to add the exports(5)
line after the file system is mounted and remove it before the file
system is unmounted, if you need to export a file system not always
mounted.
rick
I should use
> -alldirs and specify the mount-point as the export. Per the manpage,
> this export should only be accessible when the exported directory is
> actually the root of a mounted filesystem. Currently if mountd is
> HUPed while the export isn't a filesystem mount I get the warning
> about exporting the filesystem "below" the export (root-FS in this
> case) and I can actually mount the root-FS from the client, instead of
> getting an error as I would expect. Using the specific example for a
> sometimes-mounted /cdrom in exports(5) can demonstrate this behavior.
>
> /etc/rc.conf :
> nfs_server_enable=3D"YES"
> rpcbind_enable=3D"YES"
> rpc_statd_enable=3D"YES"
> rpc_lockd_enable=3D"YES"
> mountd_enable=3D"YES"
>
> /etc/exports :
> /cdrom -alldirs,quiet,ro -network=3D10.0.0.0/24
>
> (at this time /cdrom exists as a directory but is not currently a
> filesystem mount point)
> on the server:
> root@zfstest1:~ # killall -HUP mountd
>
> /var/log/messages:
> Nov 20 22:34:56 zfstest1 mountd[27724]: Warning: exporting /cdrom
> exports entire / file system
>
> root@zfstest1:~ # showmount -e
> Exports list on localhost:
> /cdrom 10.0.0.0
>
>
> on a client, I can now mount "/" from my server zfstest1:
>
> root@client1:~ # mount -r -t nfs zfstest1:/ /mnt
> root@client1:~ # mount | tail -n1
> zfstest1:/ on /mnt (nfs, read-only)
>
> The root-FS of zfstest1 is indeed visible in /mnt on client1
>
> From what I see in /usr/src/usr.sbin/mountd/mountd.c this isn't
> supposed to happen (I'm no C programmer but this did read something
> like I should receive an export error from mountd when I send a HUP):
> ...
> } else if (!strcmp(cpopt, "alldirs")) {
> opt_flags |=3D OP_ALLDIRS;
> ...
> if (opt_flags & OP_ALLDIRS) {
> if (errno =3D=3D EINVAL)
> syslog(LOG_ERR,
> "-alldirs requested but %s is not a filesystem mountpoint=
",
> dirp);
> else
> syslog(LOG_ERR,
> "could not remount %s=
: %m",
> dirp);
> ret =3D 1;
> goto error_exit;
> }
>
> I suspect this code path isn't being hit since I'm getting the mountd
> warning I referenced above instead of this error. This appears to be a
> possible recurrence of a very old bug that depicts similar behavior :
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D170413
> While it appears the "-sec" issue referenced in that bug is fixed in
> the listed PRs I didn't see anything on this -alldirs issue that's
> also mentioned there, maybe that's why I'm running into this now?
>
> I'd be totally unsurprised if my /etc/exports file isn't configured
> correctly, but I reduced my setup to just the example in the exports
> man page and I'm struggling to determine how to interpret that
> information differently. I also tried an export of /cdrom with only
> "-alldirs" as an option and I get the same behavior. Ideas?
>
>
> Thanks,
> Michael Proto
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAM5tNy6P8v_f6gwoa-J%2BQbxznqz5mNOQ-w%2B-eOm34aRSeuEdeQ>