From nobody Thu Nov 28 15:04:10 2024 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XzfjN3w6Wz5dqMP for ; Thu, 28 Nov 2024 15:04:24 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XzfjM6CkVz4FB0 for ; Thu, 28 Nov 2024 15:04:23 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ed1-x52a.google.com with SMTP id 4fb4d7f45d1cf-5cfcb7183deso3507979a12.0 for ; Thu, 28 Nov 2024 07:04:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732806262; x=1733411062; darn=freebsd.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=eFzKvMVtYWXhgHQjjHjiNwtJVbRXNb1I8B3+u25jQYg=; b=CUgkPMeqX1iJiKH2GgL1SdUwTJkyHGUwq2GgMJ43y58XIRRNkglm25DgutYoRjVUP4 ISdrzbUEk6k0w/oBfslaNwaz5LMqYdk+ugPLgC6rfopzGZhZ/iPFe0sltp/yncNPD92W 2fPwGZJQYJWMuWc1+HL1Y0wQJ/gJdxWHr4nmT8xXD4mJATAuTFgL/x3GRuB+r1f8ljLA sSnYxPMVpMiXJnsGVItEiSDTKjET9l3PWbU8kPM+LGKE/2zmHCFtmfwIR5Z9VIqKtHJP TXW+4s946Tj2hMVJCmCWX+CXFtvwKceaXRL0O9EX11g0j+yvMuCzHb6QsmHaqzMAso8m A5LA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732806262; x=1733411062; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=eFzKvMVtYWXhgHQjjHjiNwtJVbRXNb1I8B3+u25jQYg=; b=Sp1NyxnEg00a+KPtl2ZwcUZwXxEUXBXddEGnTnG4QCKm5wevCRIrhKeb5ZBZS39cT8 zRym8W6+1wp9w8c2Utiqj9K+WqWgsUkdJhPE9UdLBpdkTy1XiPu16AeGYyffTJWPTuL2 NcFlOqAmCxvF0EsYe9ivE0JdhyEsIGKtfgtCmE5yzsdBFvbcCQIQaDHcuKZLtktQAy3S tpd7QR3Gs6SwujEjHCVkVhGICagFAe1CXfEMRxZRc69i3giFVi4862kfOrtNhihJpDy0 kgDFjjiy6s2FpRwqKEuqvDMyk/VkfN2zDBkVNlr8QFaGZrW5TJ2Of7mM6tx5+JdWv+I/ XPDg== X-Gm-Message-State: AOJu0Yy/lRkD69pdd6uhk//7njFPSa/iXTkYWIsdUS8FbiEgRRYIH6eP XC7kO1m7NT/fwuj/vS+9Y46jquxPyY0Aew9P0uzVjrrQJr954Uk6J4pQBI2ruBlguqvZAU0RGVa Bty/14vc5O/kf7pex6FCI88WgOWSMDgc= X-Gm-Gg: ASbGncuaHGJvbhbIRGw04/Nn6MmmOTdNUzAinwTSecZQgycvMAwzo1a5BKHYLyOic1Q FY4GKF8b0chEfWQdXHGY73s1K24FxX2ZW4u524WViDDT7JuaVxPgXBasXHFLcYQ== X-Google-Smtp-Source: AGHT+IHoIcOucxdsNxuODIeJvp6/VmI7v8aSNBuwmELVDGnX1Pvabl6xoT2P1FDrGN7CwvjYB/q8DrbmZ7dtGJWvO8Q= X-Received: by 2002:a05:6402:2089:b0:5cf:c1b2:c6ae with SMTP id 4fb4d7f45d1cf-5d0951706afmr4121567a12.17.1732806261481; Thu, 28 Nov 2024 07:04:21 -0800 (PST) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 References: In-Reply-To: From: Rick Macklem Date: Thu, 28 Nov 2024 07:04:10 -0800 Message-ID: Subject: Re: RFC: fixing PR#282995 To: Bob Bishop Cc: FreeBSD CURRENT , Michael Proto Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; TAGGED_FROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] X-Rspamd-Queue-Id: 4XzfjM6CkVz4FB0 X-Spamd-Bar: ---- On Thu, Nov 28, 2024 at 4:36=E2=80=AFAM Bob Bishop wrote: > > Hi, > > > On 27 Nov 2024, at 21:56, Rick Macklem wrote: > > > > Hi, > > > > PR#282995 reports that the "-alldirs" export option is broken, > > since it allows an export where the directory path is not a mount point= . > > > > I'll admit I did not recall this semantic for -alldirs and I now see it= is only > > documented in the "Examples" section of exports(5). > > > > Looking at the code, it appears this was broken between releng1 and > > releng2.0 (about 30years ago) when the call to mount(2) in mountd.c > > was changed from using the path in the exports line to using f_mntonnam= e. > > (The check for "it is a mount point" depended on mount(2) failing becau= se > > the path was not a mount point.) > > > > I do believe the semantic is a useful one, > > Why? Suppose /cdrom is where a CD is mounted sometimes. If this is exported when the CD is not mounted, it will export the "/" file system. --> This export is probably not what the sysadmin wanted. mountd does now generate a warning about this, which was how the exporter spotted the bug. For example (the line in /etc/exports): /cdrom -alldirs will export "/" to "the world" if /cdrom is not mounted. The example in the exports(5) man page claims the export line will fail, so "/" would not be exported. This seems like a better semantic to me. rick > > > although making it that way > > after 30years might be construed as a POLA violation? > > > > So, what do others think I should do with this? > > (A) - Patch mountd to enforce the "must be a mount point when -alldirs > > is specified, plus update exports(5) to state this semantic clea= rly. > > or > > (B) - Patch mountd so that it enforces "must be a mount point when -all= dirs > > is specified, but only enabled via a new mountd command line opt= ion. > > --> ie. Leave the default as not enforced, but allow enforcement= based > > on a new mountd option. > > - Document this in both exports(5) and mountd(8). > > or > > ??? > > (C) - Patch mountd so that it enforces "must be a mount point when -alldi= rs > is specified, but provide a new mountd command line option to rest= ore the old behaviour. > --> ie. Default as enforced, but allow an override based on a new= mountd option. > - Document this in both exports(5) and mountd(8). > > I think that (A) is too POLA-unfriendly. > > > Thanks in advance for your comments, rick > > > > -- > Bob Bishop > rb@gid.co.uk > > > >