Re: ZFS sharenfs broken

In reply to: Alan Somers : "Re: ZFS sharenfs broken"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Shawn Webb <shawn.webb_at_hardenedbsd.org>
Date: Thu, 24 Oct 2024 20:46:27 UTC
That gave me enough of a hint to go on. It does look like it was an
issue with how I originally specified the options.

For posterity's sake, here's how I fixed it:

zfs set sharenfs='-ro -alldirs -network 172.16.1.0 -mask 255.255.255.0' rpool/data/build/pub

(Applied the same sharenfs settings with the other datasets.)

All is well now.

Thanks a bunch, Alan! I really appreciate the help. :-)

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc

On Thu, Oct 24, 2024 at 02:36:47PM UTC, Alan Somers wrote:
> I think that's just an exports(5) syntax error.  I don't think "="
> should follow "-ro".  Try this instead:
> 
> zfs set sharenfs='-ro -alldirs 172.16.1.0/24' rpool/data/build/pub
> 
> On Thu, Oct 24, 2024 at 2:26 PM Shawn Webb <shawn.webb@hardenedbsd.org> wrote:
> >
> > Hey all,
> >
> > I'm exposing some ZFS datasets using the `zfs set sharenfs` option.
> > However, this causes mountd to complain:
> >
> > ==== BEGIN mountd LOG ====
> > Oct 24 20:19:59 hbsd-os-build-01 mountd[89840]: bad exports list line '/data/build/pub/current  -ro'
> > Oct 24 20:20:07 hbsd-os-build-01 mountd[14071]: = after op: ro
> > Oct 24 20:20:07 hbsd-os-build-01 mountd[14071]: bad exports list line '/data/build/pub  -ro'
> > Oct 24 20:20:07 hbsd-os-build-01 mountd[14071]: = after op: ro
> > Oct 24 20:20:07 hbsd-os-build-01 mountd[14071]: bad exports list line '/data/build/pub/13-stable        -ro'
> > Oct 24 20:20:07 hbsd-os-build-01 mountd[14071]: = after op: ro
> > Oct 24 20:20:07 hbsd-os-build-01 mountd[14071]: bad exports list line '/data/build/pub/cross-dso-cfi    -ro'
> > Oct 24 20:20:07 hbsd-os-build-01 mountd[14071]: = after op: ro
> > ==== END mountd LOG ====
> >
> > The command I ran for those datasets:
> >
> > zfs set sharenfs='ro=172.16.1.0/24,-alldirs' rpool/data/build/pub
> >
> > (Replace that last argument with the other datasets. The same exact
> > command was used, just with the dataset changed.)
> >
> > The /etc/zfs/exports file contains:
> >
> > ==== BEGIN exports ====
> > # !!! DO NOT EDIT THIS FILE MANUALLY !!!
> >
> > /data/build/pub -ro=172.16.1.0/24 -alldirs
> > /data/build/pub/13-stable       -ro=172.16.1.0/24 -alldirs
> > /data/build/pub/cross-dso-cfi   -ro=172.16.1.0/24 -alldirs
> > /data/build/pub/current -ro=172.16.1.0/24 -alldirs
> > ==== END exports ===
> >
> > I'm a bit unsure of what to do here. I'm not sure if the issue lies in
> > ZFS or mountd or something else entirely.
> >
> > `uname -a` shows:
> >
> > FreeBSD hbsd-os-build-01 15.0-CURRENT-HBSD FreeBSD 15.0-CURRENT-HBSD #0  hardened/current/master-n194236-a8e5e4e37b03: Thu Oct 24 19:49:31 UTC 2024     root@hbsd-os-build-01:/usr/obj/usr/src/amd64.amd64/sys/HARDENEDBSD amd64
> >
> > Thanks,
> >
> > --
> > Shawn Webb
> > Cofounder / Security Engineer
> > HardenedBSD
> >
> > Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
> > https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc