[1766] in bugtraq
Re: R. Thomas's NFS question
daemon@ATHENA.MIT.EDU (Marek Michalkiewicz)
Wed May 10 12:32:52 1995
From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
To: PETER.T.WHITING@sprint.sprint.com
Date: Wed, 10 May 1995 16:39:58 +0200 (MET DST)
Cc: bugtraq@fc.net
In-Reply-To: <PHJF-7395-1194/27*/I=T/G=PETER/S=WHITING/O=US.SPRINT/ADMD=TELEMAIL/C=US/@MHS> from "PETER.T.WHITING@sprint.sprint.com" at May 9, 95 09:13:22 am
PETER.T.WHITING@sprint.sprint.com:
>
> R. Thomas> hostA --> exports /usr/share to -access=hostB
> R. Thomas> hostB --> a linux box. re-exports /usr/share to everyone
> R. Thamas> hostC --> not implicitly trusted by hostA, mounts /usr/share
[ ... ]
> Not a problem. Host C gets to look at ***HostB's*** /usr/share - the
> one that has HostA's /usr/share mounted over it, not HostA's
> /usr/share. NFS gives you a single hop. In the above example HostA
> could then mount (if perms were granted) HostC's /usr/share and
> everything would work.
The NFS server on Linux is a bit different from that on other systems -
hostC will see hostA's /usr/share re-exported. But this is true only
if nfsd on hostB was started with the -r (--re-export) option.
By default, re-export is disabled and hostC will just see an empty
directory. This is recommended - otherwise if hostA goes down, nfsd
on hostB will hang because it can only process one request at a time.
The Linux NFS server certainly is not the best one, but it is being
worked on. If you are still running version 2.0, please upgrade now -
it has serious bugs. The latest version (maintained by Olaf Kirch)
is 2.2alpha6, available at ftp://linux.nrao.edu/pub/people/okir/nfsd/
Regards,
-- Marek Michalkiewicz <marekm@i17linuxa.ists.pwr.wroc.pl>
