nfsd spam in /var/log/messages
Rick Macklem
rmacklem at uoguelph.ca
Tue Jul 29 20:34:12 UTC 2014
John-Mark Gurney wrote:
> Rick Macklem wrote this message on Mon, Jul 28, 2014 at 18:47 -0400:
> > Russell L. Carter wrote:
> > > On 07/28/14 05:55, Rick Macklem wrote:
> > >
> > > > Assuming /export is one file system on the server, put all
> > > > the exports in a single entry, something like:
> > > > V4: /export -sec=sys -network 10.0.10 -mask 255.255.255.0
> > > > /export/usr/src /export/usr/obj /export/usr/ports
> > > > /export/packages
> > > > /export/library -maproot=root
> > > >
> > > > OR you can just allow the clients to mount any location
> > > > within the server file system using -alldirs like:
> > > > V4: /export -sec=sys -network 10.0.10 -mask 255.255.255.0
> > > > /export -alldirs -maproot=root
> > > >
> > > > At least I think I got this correct;-) rick
> > >
> > > Then it would seem that that it is not possible to do per-host
> > > filesystem access control from a single server. Is that true?
> > >
> > Yes, you can. Each line must be unique w.r.t. the tuple of
> > <host, server-filesystem>.
> >
> > When there are multiple directories within a file system that
> > needs to be mounted by a given host (or subnet), those must be
> > specified in a single entry.
>
> You know.. mountd really should grow the smarts to handle this, and
> warn if the various settings for the fs don't match between lines...
>
> i.e. union the lines as long as they match...
>
> Could be a good project for someone(tm)...
>
Yep. Of course, once they take a look at the really old, very ugly
mountd.c, they may change their minds. I, for one, am not volunteering;-)
Btw, there was a somewhat non-backwards compatible utility called nfse,
but the author has withdrawn his support, so I am not sure what state
the sources are in.
rick
> --
> John-Mark Gurney Voice: +1 415 225 5579
>
> "All that I will do, has been done, All that I have, has not."
>
More information about the freebsd-net
mailing list