RFC: don't allow any access to unexported mounts for NFSv4
Rick Macklem
rmacklem at uoguelph.ca
Fri Jun 17 14:47:58 UTC 2011
> Quoting Rick Macklem <rmacklem at uoguelph.ca> (from Thu, 16 Jun 2011
> 10:52:18 -0400 (EDT)):
>
> > As such, I think it might be better to remove the "hack" and
> > simply require that all file systems from the NFSv4 root down
> > be exported (which is what is needed for ZFS now, afaik).
>
> This does not match the behavior on Solaris. There we have
> pool/not_exported_dataset/exported_dataset
> and a v4 mount works (I didn't see how to verify if a mounted FS is
> NFSv4, but I modified /etc/default/nfs to have NFS_CLIENT_VERSMIN=4).
>
Yes, one of the reasons I originally did the "hack" was that it made
things "Solaris compatible". However, I found out Solaris does this by
building what generally gets called a "pseudo file system" which, as I
understand it, is basically a file system of empty directories that
mimmics the unexported paths to the exported ones. You could build such
a file system on a small volume. (My comment w.r.t. a workaround.)
Isilon does have a pseudo file system, but my most recent discussion
with them suggested that theirs might not be suitable for upstreaming.
(I once wrote one, but it was garbage that I threw away.:-)
rick
More information about the freebsd-fs
mailing list