From owner-freebsd-stable Wed Mar 14 16:29:16 2001
Date: Wed, 14 Mar 2001 16:29:07 -0800
From: Alfred Perlstein
To: Sean Kelly
Cc: freebsd-stable@FreeBSD.ORG
Subject: Re: mountd
Message-ID: <20010314162907.Q29888@fw.wintelcom.net>
In-Reply-To: <20010314182033.A54552@edgemaster.zombie.org>; from smkelly@zombie.org on Wed, Mar 14, 2001 at 06:20:33PM -0600

* Sean Kelly [010314 16:20] wrote:
> After reading the manpage and list archives, I've come to (what I believe)
> to be the truth in that what I am trying to do with NFS is not possible
> with the current implementation of mountd.
>
> My NFS server has /usr on a single filesystem, yet I would like to share
> subdirectories of /usr with different attributes. An example would be:
>
>   /usr/ports          readonly
>   /usr/src            readonly
>   /usr/local/build    read/write
>
> The idea is that machines with very little disk space will be able to build
> ports and source using /usr/build/ as the workdir. As I
> understand it, this can't be done since /usr is a single filesystem on the
> server and must
>   a) be listed on single line in /etc/exports
>   b) have the same attributes for all exported directories
>
> Am I missing something? If not, why is FreeBSD's mountd implemented this
> way when it causes severe limitations such as the one I just came across?
> How hard would it be to reimplement the system? Does anybody have any
> suggestions for a quickfix? What is the answer to life, the universe, and
> everything?

Because it's almost trivial to guess a filehandle because they are based
on inodes. If you don't trust a host enough to give it the most relaxed
permissions across an entire mount point then you shouldn't be giving
it access to that mount point at all.

-- 
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
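
The reply's rule (a host's trust applies to the whole mount point, not to a subdirectory) can be checked against an exports file. The following is an added example, not part of the original message or of FreeBSD: a simplified exports(5) parser that reports every host given differing options on directories of one filesystem. The sample file, the host names, and the names `mixed_trust` and `layout` are assumptions made for illustration.

```python
import os
from collections import defaultdict

# Constructed sample in FreeBSD exports(5) style; host names are made up.
SAMPLE_EXPORTS = """\
/usr/ports /usr/src -ro buildbox1 buildbox2
/usr/local/build buildbox1
/home -maproot=nobody buildbox2
"""

def parse_exports(text):
    """Yield (directories, options, hosts) per entry (simplified parser)."""
    for raw in text.replace("\\\n", " ").splitlines():
        fields = raw.split("#", 1)[0].split()
        dirs = [f for f in fields if f.startswith("/")]
        # -network/-mask select clients, they are not access options.
        opts = frozenset(f for f in fields if f.startswith("-")
                         and not f.startswith(("-network", "-mask")))
        hosts = [f for f in fields if not f.startswith(("/", "-"))]
        if dirs:
            # No host listed means the entry applies to every client.
            yield dirs, opts, hosts or ["(any host)"]

def filesystem_of(path):
    """Identify the filesystem holding path by its device number."""
    return os.stat(path).st_dev

def mixed_trust(text, fs_of=filesystem_of):
    """Return {(filesystem, host): [(dir, options), ...]} for every host
    that is given differing options on directories of one filesystem."""
    seen = defaultdict(list)
    for dirs, opts, hosts in parse_exports(text):
        for host in hosts:
            for d in dirs:
                seen[(fs_of(d), host)].append((d, opts))
    return {key: entries for key, entries in seen.items()
            if len({opts for _, opts in entries}) > 1}

if __name__ == "__main__":
    # Assumed layout for the sample: everything under /usr is one filesystem.
    layout = lambda p: "/usr" if p.startswith("/usr") else p
    for (fs, host), entries in mixed_trust(SAMPLE_EXPORTS, layout).items():
        print(f"{host}: differing options on filesystem {fs}:")
        for d, opts in entries:
            print(f"  {d} {' '.join(sorted(opts)) or '(defaults, read/write)'}")
```

On a real server, call `mixed_trust()` without the second argument so that directories are grouped by the device number `os.stat()` reports.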