14.1 NFS / mountd : -alldirs not working as expected

Reply: Rick Macklem : "Re: 14.1 NFS / mountd : -alldirs not working as expected"
Reply: Rick Macklem : "Re: 14.1 NFS / mountd : -alldirs not working as expected"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Michael Proto <mike_at_jellydonut.org>
Date: Thu, 21 Nov 2024 04:00:44 UTC
Hello all,

Running into an issue with a 14.1 server that I think is a bug, though
it may be me not interpreting documentation correctly so I wanted to
ask here.

Using NFSv3, with FreeBSD 14.1 as the NFS server. Based on what I see
in exports(5), if I want to export conditional mounts (IE filesystem
paths that are intermittently mounted locally on server) I should use
-alldirs and specify the mount-point as the export. Per the manpage,
this export should only be accessible when the exported directory is
actually the root of a mounted filesystem. Currently if mountd is
HUPed while the export isn't a filesystem mount I get the warning
about exporting the filesystem "below" the export (root-FS in this
case) and I can actually mount the root-FS from the client, instead of
getting an error as I would expect. Using the specific example for a
sometimes-mounted /cdrom in exports(5) can demonstrate this behavior.

  /etc/rc.conf :
nfs_server_enable="YES"
rpcbind_enable="YES"
rpc_statd_enable="YES"
rpc_lockd_enable="YES"
mountd_enable="YES"

  /etc/exports :
/cdrom -alldirs,quiet,ro -network=10.0.0.0/24

(at this time /cdrom exists as a directory but is not currently a
filesystem mount point)
on the server:
root@zfstest1:~ # killall -HUP mountd

  /var/log/messages:
Nov 20 22:34:56 zfstest1 mountd[27724]: Warning: exporting /cdrom
exports entire / file system

root@zfstest1:~ # showmount -e
Exports list on localhost:
/cdrom                             10.0.0.0


on a client, I can now mount "/" from my server zfstest1:

root@client1:~ # mount -r -t nfs zfstest1:/ /mnt
root@client1:~ # mount | tail -n1
zfstest1:/ on /mnt (nfs, read-only)

The root-FS of zfstest1 is indeed visible in /mnt on client1

From what I see in /usr/src/usr.sbin/mountd/mountd.c this isn't
supposed to happen (I'm no C programmer but this did read something
like I should receive an export error from mountd when I send a HUP):
...
                } else if (!strcmp(cpopt, "alldirs")) {
                        opt_flags |= OP_ALLDIRS;
...
                                if (opt_flags & OP_ALLDIRS) {
                                        if (errno == EINVAL)
                                                syslog(LOG_ERR,
                "-alldirs requested but %s is not a filesystem mountpoint",
                                                    dirp);
                                        else
                                                syslog(LOG_ERR,
                                                    "could not remount %s: %m",
                                                    dirp);
                                        ret = 1;
                                        goto error_exit;
                                }

I suspect this code path isn't being hit since I'm getting the mountd
warning I referenced above instead of this error. This appears to be a
possible recurrence of a very old bug that depicts similar behavior :
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=170413
While it appears the "-sec" issue referenced in that bug is fixed in
the listed PRs I didn't see anything on this -alldirs issue that's
also mentioned there, maybe that's why I'm running into this now?

I'd be totally unsurprised if my /etc/exports file isn't configured
correctly, but I reduced my setup to just the example in the exports
man page and I'm struggling to determine how to interpret that
information differently. I also tried an export of /cdrom with only
"-alldirs" as an option and I get the same behavior. Ideas?


Thanks,
Michael Proto