On Fri, Nov 25, 2022, 4:24 PM Rick Macklem wrote:
> Hi,
>
> bz@ has encouraged me to fiddle with the nfsd
> so that it works in a vnet jail.
> I have now basically done so, specifically for
> NFSv4, since NFSv3 presents various issues.
>
> What I have not yet done is put global variables
> in the vnet. This needs to be done so that the nfsd
> can be run in multiple jail instances and/or in and
> outside of a jail.
> The problem is that there are 100s of global variables.
>
> I can see two approaches:
> 1 - Move them all into the vnet jail. This would imply
> that all the sysctls need to somehow be changed,
> which would seem to be a POLA violation.
> It also implies a lot of stuff in the vnet.
> 2 - Just move the global variables that will always
> differ from one nfsd to another (this would make
> the sysctls global and apply to all nfsds).
> This will keep the number of globals in the vnet
> smaller.
>
> I am currently leaning towards #2, put what do others
> think?
>
> rick
> ps: Personally, I don't know what use there is of
> running the nfsd inside a vnet jail, but bz@ has
> some use case.
>
This is super-awesome! Thank you so much! I've got a use case too. I think
it would be fine to leave most of the settings global, like max_threads.
But we should probably decide on a case by case basis .
>
>
