mountd/nfs export options
Hi :) Is there a trick or anything I could use to exports 2 directories on the same filesystem, but with different options ? For exemple, I have /dev/ad2s1d mounted on /exports. I would like to export /exports/share1 read-only and /exports/share2 read-write. I know mountd does not support this (security ?), but I would really like to find a way to do this anyway... If you have any idea. Thanks in advance. -- Antoine Jacoutot [EMAIL PROTECTED] http://www.lphp.org PGP/GnuPG key: http://www.lphp.org/ressources/ajacoutot.asc ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: mountd/nfs export options
Antoine Jacoutot <[EMAIL PROTECTED]> writes: > Is there a trick or anything I could use to exports 2 directories on the same > filesystem, but with different options ? > > For exemple, I have /dev/ad2s1d mounted on /exports. > I would like to export /exports/share1 read-only and /exports/share2 > read-write. > > I know mountd does not support this (security ?), but I would really like to > find a way to do this anyway... > If you have any idea. It's not possible, because there's no way to enforce it... ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: mountd/nfs export options
Lowell Gilbert wrote: Is there a trick or anything I could use to exports 2 directories on the same filesystem, but with different options ? For exemple, I have /dev/ad2s1d mounted on /exports. I would like to export /exports/share1 read-only and /exports/share2 read-write. It's not possible, because there's no way to enforce it... Oh, man, that is to bad :( I've got to find a way to do this or I'll have to use Linux instead, IIRC it allows that kind of sharing. Isn't it possible to use nullfs or unionfs to achieve this ? Thanks a lot for your answer... Regards, Antoine ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: mountd/nfs export options
Antoine Jacoutot <[EMAIL PROTECTED]> writes: > Lowell Gilbert wrote: > >> Is there a trick or anything I could use to exports 2 directories > >> on the same filesystem, but with different options ? > >> > >>For exemple, I have /dev/ad2s1d mounted on /exports. > >> I would like to export /exports/share1 read-only and > >> /exports/share2 read-write. > > > It's not possible, because there's no way to enforce it... > > > > Oh, man, that is to bad :( > I've got to find a way to do this or I'll have to use Linux instead, > IIRC it allows that kind of sharing. The limitation is in the NFS protocol, not in the FreeBSD implementation, so if Linux lets you do this, you're fooling yourself about the security involved. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: mountd/nfs export options
Lowell Gilbert wrote: The limitation is in the NFS protocol, not in the FreeBSD implementation, so if Linux lets you do this, you're fooling yourself about the security involved. Allright then... but I'm forced to find way to do this anyway. I guess I have to find another way of sharing those directories... I though about samba, although it feels strange to configure samba for directories sharing between Unices :) Antoine ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: mountd/nfs export options
Nathan Kinkade wrote: > Must they be two separate exports, or could you simply export /exports and then control read/write access to /exports/share1 and /exports/share2 using regular unix file permissions? For example: dr-xr-xr-x 2 user group 4096 Nov 4 08:34 share1/ drwxrwxrwx 2 user group 4096 Nov 4 08:35 share2/ This seems like an overly simple solution to work in your case, but sometimes the simple things get overlooked. I can do this, unfortunately, what I would like to do is not a read/write permission export option but this: -- /exports/share1 -maproot=nobody:nobody -network 192.168.0.0 -mask 255.255.255.0 /exports/share2 -mapall=root:users -network 192.168.0.0 -mask 255.255.255.0 -- Regards, Antoine ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: mountd/nfs export options
Selon Nathan Kinkade <[EMAIL PROTECTED]>: > Hmmm ... again, certainly this is an option that has crossed your mind > already, but would it be impossible or impractical to move > /exports/share2 to a diff filesystem, such that you could then export > with different options. If for some reason share1 and share2 must both The thing is that I cannot move share1 or share2 away from this filesystem because of different reasons... the main one would be money. > /exports/share1 -maproot=nobody:nobody -network 192.168.0.0 > /diff/filesys/share2 -mapall=root:users -network 192.168.0.0 I thank you so much for trying to help me. Unfortunately, I don't see any resolution to this problem but I'm not desperate, I'm sure there's a way to do what I need. One thing I though about: is it possible to force every writes under /exports/share2 to be GID=users ? I'm not an expert when it comes to setgid, but maybe I should have a look at it. Then I could just use: /exports/share1 /exports/share2 -maproot=nobody:nobody -network 192.168.0.0 And every created files to /exports/share2 would be GID=users... I guess... ? Antoine ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
