From owner-freebsd-questions@freebsd.org Fri Aug 9 14:26:07 2019 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0A37FCA579 for ; Fri, 9 Aug 2019 14:26:07 +0000 (UTC) (envelope-from lee@adminart.net) Received: from mo6-p00-ob.smtp.rzone.de (mo6-p00-ob.smtp.rzone.de [IPv6:2a01:238:20a:202:5300::5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "*.smtp.rzone.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 464nbd2zjQz4d8p for ; Fri, 9 Aug 2019 14:26:04 +0000 (UTC) (envelope-from lee@adminart.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1565360762; s=strato-dkim-0002; d=adminart.net; h=References:Message-ID:Date:In-Reply-To:Subject:Cc:To:From: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=OTPi0qsA6qRSoXhc3gHCMeHhVtO/0kIG5VAMynOQi3c=; b=QofZ0+C3h8RECiLi1lXDPWdH/rV0ZkxdrXI12XmekOvAtMmDh50NINlckTR8nsQSof u/etWTLw9dAjnoBzcuGbkjro3m6LCb87ujuYBd86t0YLnHwtAzA7eR7wJPjUEeltY3dt nRmw5iQMYVodUFguCBsng/Bms3Nmrvd7DhdYwVeJIA2cV/YQ0Miink5ZnNtCoCjvgb5I umU5nE34pc7ma/hhudl6ltSjSvz/yPaPeNLbMaHSYtXha3ObKd9ngzLiXgMjCzSTahK5 x35amerNFP8b9xp2d2IZQDh0VtAjuTTDeNL59losrE/kqEbW/ZHihusxhF/y/3QYR3G9 gkzg== X-RZG-AUTH: ":O2kGeEG7b/pS1FS4THaxjVF9w0vVgfQ9xGcjwO5WMRo5c+h5ceMqQWZ3yrBp+ARdaXvxIDf7nlw=" X-RZG-CLASS-ID: mo00 Received: from himinbjorg.adminart.net by smtp.strato.de (RZmta 44.24 DYNA|AUTH) with ESMTPSA id e0059dv79EQ2w7h (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate); Fri, 9 Aug 2019 16:26:02 +0200 (CEST) Received: from toy.adminart.net ([192.168.3.55]) by himinbjorg.adminart.net with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92) (envelope-from ) id 1hw5qD-0001UQ-Jv; Fri, 09 Aug 2019 16:26:01 +0200 Received: from lee by toy.adminart.net with local (Exim 4.92) (envelope-from ) id 1hw5qD-00008V-I5; Fri, 09 Aug 2019 16:26:01 +0200 From: hw To: Erich Dollansky Cc: freebsd-questions@freebsd.org Subject: Re: Is NFS still broken in FreeBSD? In-Reply-To: <20190809084409.0dc3c669.freebsd.ed.lists@sumeritec.com> (Erich Dollansky's message of "Fri, 9 Aug 2019 08:44:09 +0800") Date: Fri, 09 Aug 2019 16:10:39 +0200 Organization: my virtual residence Message-ID: <87k1bmxwdc.fsf@toy.adminart.net> References: <87v9v7nru4.fsf@toy.adminart.net> <20190809084409.0dc3c669.freebsd.ed.lists@sumeritec.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Rspamd-Queue-Id: 464nbd2zjQz4d8p X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=adminart.net header.s=strato-dkim-0002 header.b=QofZ0+C3; dmarc=none; spf=none (mx1.freebsd.org: domain of lee@adminart.net has no SPF policy when checking 2a01:238:20a:202:5300::5) smtp.mailfrom=lee@adminart.net X-Spamd-Result: default: False [-2.85 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[adminart.net:s=strato-dkim-0002]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-0.998,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[adminart.net]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[adminart.net:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.98)[-0.982,0]; R_SPF_NA(0.00)[]; FORGED_SENDER(0.30)[hw@adminart.net,lee@adminart.net]; RCVD_IN_DNSWL_LOW(-0.10)[5.0.0.0.0.0.0.0.0.0.0.0.0.0.3.5.2.0.2.0.a.0.2.0.8.3.2.0.1.0.a.2.list.dnswl.org : 127.0.5.1]; SUBJECT_ENDS_QUESTION(1.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6724, ipnet:2a01:238::/32, country:DE]; FROM_NEQ_ENVFROM(0.00)[hw@adminart.net,lee@adminart.net]; IP_SCORE(-0.77)[ipnet: 2a01:238::/32(-3.40), asn: 6724(-0.46), country: DE(-0.01)] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Aug 2019 14:26:07 -0000 Erich Dollansky writes: > Hi, > > On Fri, 09 Aug 2019 01:46:27 +0200 > hw wrote: > >> Hi, >> >> according to [1], NFS in FreeBSD is broken, and I'm wondering if it >> still is. >> >> I need to export some directories rw and some ro with an /etc/exports >> like this: >> >> >> /b/tftpboot/FreeBSD/install -ro -maproot=root >> /p/default >> >> >> The "default" directory needs to be exported read-write. That seems >> to be impossible with FreeBSD --- if that is really so, NFS is totally >> broken in FreeBSD. To make it more strange, it worked as intended >> until I restarted the server. NFS v4 doesn't seem to work at all. >> >> This has cost me a whole day now :( >> >> >> [1]: https://forums.freebsd.org/threads/nfs-exports.35966/ > > I alkso learned recently that trusting FreeBSD's handbooks is wrong, > but it looks to me that in you case, it would have helped. I looked at the handbook and the manpage all the time, and neither does help. Look at the man exports, for example: Each line in the file (other than comment lines that begin with a #) specifies the mount point(s) and export flags within one local server file system or the NFSv4 tree root for one or more hosts. A long line may be split over several lines by ending all but the last line with a backslash (`\'). A host may be specified only once for each local file or the NFSv4 tree root on the server and there may be only one default entry for each server file system that applies to all other hosts. The latter exports the file system to the "world" and should be used only when the file system contains public information. Can you write this more poorly, please? And what the hell is it supposed to mean? Since when is NFS used to export single files? Why are hosts somehow being involved? I thought I'd be exporting to clients. Or what do they mean? Then later it says: Mount points for a file system may appear on multiple lines each with different sets of hosts and export options. Besides that this might contradict what has been said before, it is definitely wrong. If you think it's not you need to show how you can export, for example, /directory-a read-only and then /directory-b read-write. On top of that, noone expects NFS to only be able to export whole file systems. I have used NFS 25 years ago and even then it has been able to export what you export and not just whole file systems with only a single set of options. Nobody expects NFS to be unable to export something with only the same access permissions for all clients. It makes NFS useless. Access permissions are usually set _per client_ and _per directory (tree)_ that is being exported. The handbook doesn't make this any more clear than the bad man page. Now please show me how you make an NFS export from FreeBSD which you can mount on Centos 7 using NFS version 4, which is the default for Centos 7. Version 3 still works, but for how long? It comes down to that in FreeBSD, NFS is implemented in some anachronistic[1] and ideosynchratic way, and bad man pages and the handbook don't help that no matter how long you look at them. Either of them could be entirely clear about it. But NFS needs a major overhaul in FreeBSD anyway. [1]: Like the times when hard disks were so small that each node like /usr, /home, /var, /etc ... had to be placed on its own file system are long gone.