Buyer Beware: A Major Change in NFS (in Rawhide) is about to happen

Doug Ledford dledford at redhat.com
Mon Nov 2 15:41:09 UTC 2009


On 10/29/2009 11:17 AM, Steve Dickson wrote:
> 
> 
> On 10/28/2009 03:05 PM, Roland McGrath wrote:
>> It sounds like you are saying that there is no way to export the same
>> host filesystems with the same client-perceived names under v4 as was
>> being done before under v[23].  Is that really true?
> With Pre-F12 servers... Yeah... 
>
> The V4 protocol requires a 'pseudo root' to be defined. Other servers simply 
> make '/' the pseudo root which allows all exports just to work with all versions.
> The Linux server have the feature of being able to define the pseudo root with 
> the use of the 'fsid=0' export option. A feature none of the other servers 
> have. 

Except that when the other servers create a pseudo root, they don't
*also* expose that pseudo root.  I'm fairly strongly of the opinion that
our NFS server should do the same thing: don't expose the pseudo root as
an actual mount.

> Unfortunately, there was no forethought as to what happens when a
> pseudo root is not defined, until recently... Patches in both the
> F-12 kernel and rpc.mountd now dynamically allocate a pseudo root
> when one is not defined... Basically meaning '/' becomes the pseudo 
> root when there is no fsid=0 export option.

And does this explicitly export the / filesystem?  I would certainly
hope not as that could surprise the hell out of an admin when his /
filesystem is now exposed when it didn't use to be.

>>
>> My old /etc/exports is:
>>
>> /mirror                        *(ro,insecure,sync,mp,all_squash)
>>
>> So clients mount server:/mirror to see my /mirror directory's contents.
>> No other /foo directory is exported or visible at all to clients, and
>> that's how it should stay.
>>
>> How do I get the same results for v4 clients?
> Use a F-12 server or added the '/ *(ro,fsid=0)' export entry like:
> 
> /                              *(ro,fsid=0)
> /mirror                        *(ro,insecure,sync,mp,all_squash)

I'm perfectly fine with adding the entry to the exports file, but I
think the fsid=0 export entry should be a non-functioning entry other
than setting the pseudo root.  As you've described it so far, it also
happens to be a live export and I think that's wrong and should be fixed.

-- 
Doug Ledford <dledford at redhat.com>
              GPG KeyID: CFBFF194
	      http://people.redhat.com/dledford

Infiniband specific RPMs available at
	      http://people.redhat.com/dledford/Infiniband

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20091102/c4e36976/attachment.sig>


More information about the fedora-devel-list mailing list