Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 2 Aug 1999 03:58:18 -0400 (EDT)
From:      Alfred Perlstein <bright@rush.net>
To:        Kevin Day <toasty@dragondata.com>
Cc:        Matthew Dillon <dillon@apollo.backplane.com>, Martin Blapp <blapp@attic.ch>, freebsd-current@FreeBSD.ORG
Subject:   Re: mountpoint locking with fbsd-nfs
Message-ID:  <Pine.BSF.3.96.990802034912.20420f-100000@cygnus.rush.net>
In-Reply-To: <199908020423.XAA95716@celery.dragondata.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 1 Aug 1999, Kevin Day wrote:

> > 
> > :Yeah, I know about -alldirs... The problem was that we had customers who
> > :wanted us to export their home directories, and unless I gave them their own
> > :filesystem, I couldn't restrict it in the manner i wanted. :)
> > :
> > :Just checking to see that I wasn't missing a way to do this. :)
> > :
> > :Kevin
> > 
> >     I've never in my life tried this - it probably won't work, but ...
> >     use the null device maybe to create a mount point for each home
> >     dir and then export that? 
> > 
> 
> I think it sees through this.
> 
> su-2.03# cat /etc/exports
> /var                            home
> /mnt                            home
> su-2.03# mount
> /dev/wd0s1a on / (NFS exported, local, noatime, soft-updates, writes: sync
> 3970 async 1321097)
> procfs on /proc (local)
> nfs:/home on /usr/home (noatime)
> nfs:/var/mail on /var/mail (noatime)
> /var/tmp on /mnt (local)
> su-2.03# mountd
> Aug  1 23:17:48 celery mountd[89177]: can't change attributes for /mnt
> 
> That was a very good idea though, i'd never have thought of it. :)
> 
> I'll have to play with this more. :)

It cannot ever work properly.

NFS is stateless, the nfs filehandles refer to inodes, you may be able
to get this to actually export files, however i'm pretty sure
without other measures someone would be able to cons up a fake nfs
handle for files he doesn't own.  (I think)

Here's two things that may work:

exporting -alldirs to specific hosts using the -mapall option
in /exports

/home		-mapall=robert roberts.machine
/home		-mapall=julian julains.machine

using a vn device, creating a ufs on it and then mounting it,
then exporting it.  this gives you nice per-user quotas as well :)

-Alfred Perlstein - [bright@rush.net|bright@wintelcom.net] 
systems administrator and programmer
    Wintelcom - http://www.wintelcom.net/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990802034912.20420f-100000>