[Bug 281417] Inconsistent restrictions on jailed and sharenfs properties affecting NFS in a VNET jail

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 10 Sep 2024 14:11:06 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281417

            Bug ID: 281417
           Summary: Inconsistent restrictions on jailed and sharenfs
                    properties affecting NFS in a VNET jail
           Product: Base System
           Version: 14.1-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: okiddle@yahoo.co.uk

I'm trying to run the NFS server in a vnet prison but am hitting limitations
when used in conjunction with zfs-jail(8) to attach datasets to a jail.

If I try to set sharenfs on a property for which jailed is set, I get:

    cannot set property for 'pool/ds': 'sharenfs' cannot be set on dataset in a non-global zone

But I can apparently set the sharenfs property on a child dataset of that, so it
effectively has both properties by inheriting from the parent.
And at that point it won't let me even remove the sharenfs property - the error
message is the same.

Having applied this hack of relying on inheritance to have both the jailed and
sharenfs properties set, the NFS server is working perfectly well along with
the use of zfs-jail(8). rpc.rquotad doesn't seem to be working, though I do have
zfs userspace working inside the jail.

Are these restrictions perhaps a holdover from before NFS was supported from
within jails? And given the error message talking about zones, is it perhaps
more of a Solaris restriction? Can the restriction not now be removed?
