Hi List,

Sorry to bring this old thread up again, but I'm kind of puzzled by that 
problem. I think it is worth a try to work around the current constraint 
of not being able to export file systems from inside the local zones by 
exporting them from the global zone.

The interesting automount behavior described in the initial posting can be 
reproduced without using zones:

nfs_server# mkdir -p /one/zone/three/four
nfs_server# chmod 700 /one/zone
nfs_server# share /one/zone/three/four

On the client side:

nfs_client$ showmount -e nfs_server
export list for nfs_server:
/one/zone/three/four                 (everyone)
nfs_client$ cd /net/nfs_server
nfs_client$ cd one
nfs_client$ cd zone
nfs_client$ cd three
nfs_client$ grep nfs_server /etc/mnttab
-hosts  /net/nfs_server/one     autofs  nosuid,ignore,nest,nobrowse,dev=58c008e 
-hosts  /net/nfs_server/one/zone autofs  nosuid,ignore,nest,nobrowse,dev=58c008f 1181903169
-hosts  /net/nfs_server/one/zone/three   autofs  nosuid,ignore,nest,nobrowse,dev=58c0090 1181903172
-hosts  /net/nfs_server/one/zone/three/four      autofs  nosuid,ignore,nest,nobrowse,dev=58c0091 1181903176

So far everything is OK; automount created the necessary autofs structure 
to prepare the mount on /net/nfs_server/one/two/three/four. Changing to the 
next directory (four) will cause automount to trigger automountd to do the 

nfs_client$ cd four
bash: cd: four: Permission denied

As posted before, if you enter the directory as root the mount succeeds:

nfs_client$ su
nfs_client# cd four
nfs_client# grep nfs_server /etc/mnttab
-hosts  /net/nfs_server/one/zone/three/four      autofs  nosuid,ignore,nest,nobrowse,dev=58c0091 1181903176
nfs_server:/one/zone/three/four  /net/qdcc206/one/zone/three/four      nfs     nosuid,xattr,dev=5880056        1181903620

This problem is caused by the permissions of /one/zone on the NFS server. 
Changing them from 700 back to 755 solves the issue.

nfs_server# chmod 755 /one/zone

And from a different NFS client:

nfs_client1$ cd /net/nfs_server
nfs_client1$ cd one
nfs_client1$ cd zone
nfs_client1$ cd three
nfs_client1$ cd four
nfs_client1$ grep nfs_server /etc/mnttab
-hosts  /net/nfs_server/one/zone/three/four      autofs  nosuid,ignore,nest,nobrowse,dev=5441d90 1181903808
nfs_server:/one/zone/three/four  /net/qdcc206/one/zone/three/four      nfs     nosuid,xattr,dev=54052f1        1181903810

The point I don't understand either is why the mount executed by automountd 
succeeds for root but not for a non-privileged user. Wasn't automount actually 
created to give non-privileged users the possibility to mount file systems 
like root? Does automount create different mount requests depending on the UID 
of the user who accesses an autofs? Or is this problem caused by permission 
problems on the NFS server side? The only NFS related process that can access 
/one/zone/three/four (with /one/zone set to 700 and owned by root) is mountd. 
All other processes, nfsd, statd, lockd etc., run as UID daemon and don't have
access to the shared dir. 

This message posted from opensolaris.org
zones-discuss mailing list

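Added example (not part of the original post): a shell check for the condition the post traces the failure to, an ancestor of an exported directory that "other" cannot search, such as the 700 on /one/zone. The function names and the temporary demo tree are constructed for illustration, and the check assumes the client user falls into the "other" class on the server.

```shell
#!/bin/sh
# Added example: list ancestors of an exported directory that lack search (x)
# permission for "other". Names and the demo tree are constructed.

# other_can_search DIR: succeeds if the "other" class has x on DIR.
other_can_search() {
    # The 10th character of the ls -l mode string is other-execute:
    # x or t = searchable, - or T = not searchable.
    bit=$(ls -ld "$1" | cut -c10)
    [ "$bit" = "x" ] || [ "$bit" = "t" ]
}

# blocked_ancestors EXPORT [STOP]: print each ancestor of EXPORT (nearest
# first) that "other" cannot search; stop climbing at STOP (default /).
blocked_ancestors() {
    stop=${2:-/}
    dir=$(dirname "$1")
    while [ "$dir" != "$stop" ] && [ "$dir" != "/" ] && [ "$dir" != "." ]; do
        other_can_search "$dir" || printf '%s\n' "$dir"
        dir=$(dirname "$dir")
    done
}

# Constructed demo: rebuild the post's layout under a temporary directory,
# so nothing on a real server is touched.
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/one/zone/three/four"
    chmod 755 "$root/one" "$root/one/zone/three" "$root/one/zone/three/four"
    chmod 700 "$root/one/zone"        # same mode as in the post
    echo "with 700 on one/zone:"
    blocked_ancestors "$root/one/zone/three/four" "$root"
    chmod 755 "$root/one/zone"        # the change the post applies
    echo "after chmod 755:"
    blocked_ancestors "$root/one/zone/three/four" "$root"
    rm -rf "$root"
}

demo
```

On a server, run `blocked_ancestors` for each path listed by `share`, without the second argument, so the walk goes up to `/`.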