Buyer Beware: A Major Change in NFS (in Rawhide) is about to happen
Steve Dickson
SteveD at redhat.com
Tue Nov 3 12:47:15 UTC 2009
On 11/02/2009 03:02 PM, Jesse Keating wrote:
> On Mon, 2009-11-02 at 14:23 -0500, Steve Dickson wrote:
>> I'm not sure about this... Actually I like the fact we can define a
>> pseudo root other than '/'... which means you really want a live exported
>> directory with the fsid=0 option... If I am understanding what you are
>> saying...
>
> No, that's not what he's saying. Even if you define a different psuedo
> root other than /, it's likely more common to /not/ want that root
> exported in whole, but rather smaller parts of it, just like you don't
> want / exported in whole, you only want subdirectories exported.
Lets add some context to this since I *really* do want to understand
what you guys are saying...
/export *(ro,fsid=0)
/export/home *(rw)
With the above exports the only part of the server's real root ('/')
that is exposed is the /export directory. So when a client does a
'mount -o v4 server:/ /mnt'
The client will only be able to see /mnt/home (or the /export/home
export).
So as far as exposure, being able to define the root the client
will see, I think, is good thing since it will protect (or hide)
the rest of server's real root directories...
So this is why I'm understanding why the '/export' of the
'/export *(ro,fsid=0)' should not be a live export directory?
steved.
More information about the fedora-devel-list
mailing list