> On May 21, 2019, at 2:17 PM, Trond Myklebust <trondmy@xxxxxxxxxxxxxxx> wrote: > > On Tue, 2019-05-21 at 13:40 -0400, Chuck Lever wrote: >> Hi Trond - >> >>> On May 21, 2019, at 8:46 AM, Trond Myklebust <trondmy@xxxxxxxxx> >>> wrote: >>> >>> The following patchset adds support for the 'root_dir' >>> configuration >>> option for nfsd in nfs.conf. If a user sets this option to a valid >>> directory path, then nfsd will act as if it is confined to a chroot >>> jail based on that directory. All paths in /etc/exporfs and from >>> exportfs are then resolved relative to that directory. >> >> What about files under /proc that mountd might access? I assume these >> pathnames are not affected. >> > That's why we have 2 threads. One thread is root jailed using chroot, > and is used to talk to knfsd. The other thread is not root jailed (or > at least not by root_dir) and so has full access to /etc, /proc, /var, > ... > >> Aren't there also one or two other files that maintain export state >> like /var/lib/nfs/rmtab? Are those affected? > > See above. They are not affected. > >> IMHO it could be less confusing to administrators to make root_dir an >> [exportfs] option instead of a [mountd] option, if this is not a true >> chroot of mountd. > > It is neither. I made in a [nfsd] option, since it governs the way that > both exportfs and mountd talk to nfsd. My point is not about implementation, it's about how this functionality is presented to administrators. In nfs.conf, [nfsd] looks like it controls what options are passed via rpc.nfsd. That still seems like a confusing admin interface. IMO admins won't care about who is talking to whom. They will care about how the export pathnames are interpreted. That seems like it belongs squarely with the exportfs interface. -- Chuck Lever chucklever@xxxxxxxxx
