On 3/29/19 12:56 PM, James Pearson wrote:
Frank Thommen wrote:
I would like to use the NFSv4 ability to create a "root" filesystem with fsid=0, so that I don't have to refer to the whole path of the exported filesystem when I mount it. However I do *not* want this root filesystem to be mountable by any host. Is that possible and how?
E.g Filesystem: /exports/data1 /exports/data2 /exports/data3
/etc/exports: /exports *(ro,no_subtree_check,fsid=0) /exports/data1 host1(rw) /exports/data2 host1(rw) /exports/data3 host2(rw)
host1 and host2 can mount fileserver:/ and access any of the dataN directories at least read-only. That is unwanted. I'd like /exports/data1 and /exports/data2 to be exclusively accessible by host1 and /exports/data3 by host2. But I'd still like to be able to mount e.f. as fileserver:/data1 instead of fileserver:/exports/data1.
I've search around a lot and I have found the question several times, but no solution yet.
It appears to work for me ... host1 will still see data3 under the mount point - but its contents will be empty - similarly, host2 will see data1 and data2 under the mount point, but their contents will be empty
Or have I missed something ?
James Pearson
[better late then never...]
You haven't missed anything and /we/ made a mistake: We hadn't realized, that "fsid" relates to "real" filesystems and not just directories. We had this
/storage /exports none bind 0 0
in /etc/fstab, which made all individual shares (subdirectories of /storage) members of the same fsid and hence they had the same export settings applied. After changing the bind mounts to
/storage/data1 /exports/data1 none bind 0 0 /storage/data2 /exports/data2 none bind 0 0
all exports now work as expected.
Cheers frank