When playing with NFS under FreeBSD, I've noticed something strange.
You know it's impossible to export 2 directories of the same file system on the server 
to the 1 nfs-client:
server# cat /etc/exports
/usr/c client
/usr/d client
server# killall -HUP mountd
server# showmount -e
/usr/c                             Everyone

There is no /usr/d exported. And we got errors in /var/log/messages:
mountd[377]: can't change attributes for /usr/d
mountd[377]: bad exports list line /usr/d

But it's possible(!) to fool mountd when using the -network key.
Let's try to export /usr/a as read-only system for the whole network, and /usr/b 
writable for one host, and not readable for other. NB! Our NFS-client ( 
is from network. See this example:

server# cat /etc/exports
/usr/a -ro -network -mask
/usr/b -mapall=root

server# killall -HUP mountd
server# showmount -e
Exports list on localhost:

As you see /usr/a and /usr/b successfully exported without errors. Now, from the 
client ( we can mount both of them:

client# mount server:/usr/b /mnt1
client# mount server:/usr/a /mnt
client# mount
server:/usr/b on /mnt1 (nfs)
server:/usr/a on /mnt (nfs)

When we mounted them on client. Let's make additional tests:
client# echo "something stupid" > /mnt/test.txt
client# echo "something stupid1" > /mnt1/test1.txt
client# cat /mnt/test.txt
something stupid
client# cat /mnt1/test1.txt
something stupid1

Oh, my God! Both of the exported directories are writable.

Best regards,
Mikhail Zakharov

[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to