nfsd spam in /var/log/messages
John-Mark Gurney
jmg at funkthat.com
Tue Jul 29 18:21:36 UTC 2014
Rick Macklem wrote this message on Mon, Jul 28, 2014 at 18:47 -0400:
> Russell L. Carter wrote:
> > On 07/28/14 05:55, Rick Macklem wrote:
> >
> > > Assuming /export is one file system on the server, put all
> > > the exports in a single entry, something like:
> > > V4: /export -sec=sys -network 10.0.10 -mask 255.255.255.0
> > > /export/usr/src /export/usr/obj /export/usr/ports /export/packages
> > > /export/library -maproot=root
> > >
> > > OR you can just allow the clients to mount any location
> > > within the server file system using -alldirs like:
> > > V4: /export -sec=sys -network 10.0.10 -mask 255.255.255.0
> > > /export -alldirs -maproot=root
> > >
> > > At least I think I got this correct;-) rick
> >
> > Then it would seem that that it is not possible to do per-host
> > filesystem access control from a single server. Is that true?
> >
> Yes, you can. Each line must be unique w.r.t. the tuple of
> <host, server-filesystem>.
>
> When there are multiple directories within a file system that
> needs to be mounted by a given host (or subnet), those must be
> specified in a single entry.
You know.. mountd really should grow the smarts to handle this, and
warn if the various settings for the fs don't match between lines...
i.e. union the lines as long as they match...
Could be a good project for someone(tm)...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-net
mailing list