In article <200407072336.06533.ianzag@megasignal.com>,
Ian Zagorskih <ianzag@megasignal.com> wrote:
>On Wednesday 07 July 2004 22:58, der Mouse wrote:
>> > I want to export /home/pcguest as read only and /home/<project> as
>> > read/write for some network.  /home resided on dedicated partition
>>
>> [...]
>>
>> > Question is: why i cannot export several directories from the same
>> > root directory with different access rights ?
>>
>> Because the NetBSD implementation doesn't support it.  Access checking
>> is per-mountpoint on the server; you simply can't get different access
>> properties for different directory trees within the same server-side
>> mount point.
>
>Ugh-ugh.. Ok, i got it. But what should i do if i need to host many projects 
>on some server and export them with NFS ? As minimum, different projects have 
>different access rules. Assigning one mount point per project isn't too good. 
>I can reach the limit of disklabel too fast, not mentioning the 
>administrative nightmare..
>
>> In principle this may be fixable, but it would be extremely difficult
>> (and probably computationally expensive) to get right - consider the
>> case where a directory is rename(2)ed from one sub-tree to another,
>> while a client has filehandles for objects under that directory.
>>
>
>Sorry, i'm not good in NFS, i'm just using it so it's hard for me to evaluate 
>all the cases :)

Use filesystem permissions, and allow the mounts from all relevant hosts.

christos