Date: Tue, 16 Apr 2024 22:31:44 GMT
Message-Id: <202404162231.43GMViid076380@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Mark Johnston
Subject: git: 9d975e47d5a3 - main - exports.5: Clarify that exported dirs should be local mount points
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 9d975e47d5a3638d4f575b2cf97e07bf22b53c7e

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=9d975e47d5a3638d4f575b2cf97e07bf22b53c7e

commit 9d975e47d5a3638d4f575b2cf97e07bf22b53c7e
Author:     Mark Johnston
AuthorDate: 2024-04-16 22:25:57 +0000
Commit:     Mark Johnston
CommitDate: 2024-04-16 22:27:02 +0000

    exports.5: Clarify that exported dirs should be local mount points

    If not, then in general the entire filesystem containing the exported
    directory is accessible.  This may be surprising, so try to make it more
    clear.

    Reviewed by:    rmacklem, emaste
    MFC after:      1 week
    Differential Revision:  https://reviews.freebsd.org/D44614
---
 usr.sbin/mountd/exports.5 | 28 ++++++++++++++++++++++++----
 1 file changed, 24 insertions(+), 4 deletions(-)

diff --git a/usr.sbin/mountd/exports.5 b/usr.sbin/mountd/exports.5 index a94b5348b572..ee3e9a89f114 100644 --- a/usr.sbin/mountd/exports.5 +++ b/usr.sbin/mountd/exports.5 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 7, 2024 +.Dd April 16, 2024 .Dt EXPORTS 5 .Os .Sh NAME 
@@ -55,8 +55,8 @@ file system or the NFSv4 tree root for one or more hosts. A long line may be split over several lines by ending all but the last line with a backslash .Pq Ql \e . -A host may be specified only once for each local file or the NFSv4 tree root on the -server and there may be only one default entry for each server +A host may be specified only once for each local file system or the NFSv4 tree +root on the server and there may be only one default entry for each server file system that applies to all other hosts. The latter exports the file system to the .Dq world @@ -66,7 +66,26 @@ be used only when the file system contains public information. In a mount entry, the first field(s) specify the directory path(s) within a server file system that can be mounted on by the corresponding client(s). -There are three forms of this specification. +Note well that exporting a directory on the server does not guarantee that only +files below the exported directory will be accessible. +This is true even in the absence of the +.Fl alldirs +flag. +To provide this guarantee, the exported directories must be local file system +mount points on the server. +For example, if one exports +.Pa /home , +and +.Pa /home +is not a file system mount point, then clients will be able to access arbitrary +files on the root file system. +As such, to avoid confusion with respect to what is exported, it may be prudent +to limit exported directories to server local file system mount points. +When exporting ZFS datasets with the +.Sy sharenfs +property, this is auomatically the case. +.Pp +There are three forms of the directory path specification. The first is to list all mount points as absolute directory paths separated by whitespace. This list of directory paths should be considered an @@ -597,6 +616,7 @@ afterwards, whereas NFSv3 rejects the mount request. .Xr strunvis 3 , .Xr nfsv4 4 , .Xr netgroup 5 , +.Xr zfsprops 7 , .Xr mountd 8 , .Xr nfsd 8 , .Xr rpc.tlsservd 8 ,
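
Review bot: typo in the last added sentence of the "@@ -66,7 +66,26 @@" hunk: "this is auomatically the case" should read "automatically". In the same hunk, the trailing comma in ".Pa /home ," renders as "/home, and /home is not a file system mount point", which reads better without the comma (plain ".Pa /home" followed by "and"). The new paragraph is the security-relevant part of this change, yet its remedy is hedged as "it may be prudent to limit exported directories to server local file system mount points"; since the preceding sentences already say that exporting a non-mount-point directory lets clients reach arbitrary files on the containing file system, consider stating it as a direct recommendation ("exported directories should be ..."), which would also match the commit subject.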