Subject: Re: Interface to change NFS exports
To: Manuel Bouyer <bouyer@antioche.eu.org>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 09/12/2005 10:36:51

On Mon, Sep 12, 2005 at 11:00:35AM +0200, Manuel Bouyer wrote:
> On Sun, Sep 11, 2005 at 08:48:14PM -0600, Greg Oster wrote:
> >
> > If we're making a "shopping list" of changes we'd like to see here... ;)
> >
> > When checking to see if an NFS export is allowed, Solaris appears
> > to do a lookup of the IP address at the time the mount request is made,
> > rather than building a table of IP addresses for the hosts at the
> > time mountd is run (as NetBSD does).  Ignoring the fact that Dynamic
> > DNS may be evil, this means that Solaris behaves much better with
> > hosts that happen to be down (and have lost their lease) when mountd
> > is restarted, than does NetBSD. (NetBSD gets incredibly unhappy
> > because it can't find an IP address for the host at the time mountd
> > is run, and so then refuses to run mountd, shutting all hosts out,
> > not just the one that might be temporarily off-line.  This is
> > arguably a security feature, but, well, if you're running NFS, you
> > may have Other Security Issues anyway :-} )
> >
> > But IMO it'd be way cool if NetBSD could do the same as Solaris and
> > delay the lookup of the IP address until the point where the mount
> > request is made...
>
> I think Solaris works in a different way than NetBSD does (at least it used to):
> there is no check done in the kernel at the NFS level, only by mountd
> when a client requests a filehandle at mount time. This means that once you
> know a filehandle (and you could find one by trying random values), you
> can access a filesystem on the server, even if your IP is not allowed.
>
> Now it would be possible to allow dynamic names with an export list in the
> kernel, this just means that mountd would have to install a new export list
> in the kernel each time a new name->ip translation is discovered.

I think that would be fine. I think if we teach mountd about new and old
export lists, then we may eventually also add a "delete this, add this"
update operation.

Take care,

Bill
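
Added example, not part of the original message and not NetBSD's mountd or kernel code: a sketch of the "delete this, add this" update discussed above, computing the operations that turn the old export list into the new one after a name->ip translation changes. The types and names (`export_op`, `export_delta`) are hypothetical, an export list is modelled as duplicate-free IPv4 addresses for one path, and the sample addresses are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model: an export list is the set of IPv4 addresses
 * allowed to use one exported path. Lists are assumed duplicate-free. */
enum op_kind { OP_DELETE, OP_ADD };
struct export_op { enum op_kind kind; uint32_t addr; };

static int cmp_addr(const void *a, const void *b)
{
    uint32_t x = *(const uint32_t *)a, y = *(const uint32_t *)b;
    return (x > y) - (x < y);
}

/* Write to ops the operations that turn old_list into new_list (both are
 * sorted in place). Addresses in both lists produce no operation, so hosts
 * that stay allowed are never removed, even briefly. Returns the number of
 * operations, or -1 if ops is too small. */
int export_delta(uint32_t *old_list, size_t n_old,
                 uint32_t *new_list, size_t n_new,
                 struct export_op *ops, size_t max_ops)
{
    size_t i = 0, j = 0, n = 0;
    qsort(old_list, n_old, sizeof *old_list, cmp_addr);
    qsort(new_list, n_new, sizeof *new_list, cmp_addr);
    while (i < n_old || j < n_new) {
        struct export_op op;
        if (j == n_new || (i < n_old && old_list[i] < new_list[j]))
            op = (struct export_op){ OP_DELETE, old_list[i++] };
        else if (i == n_old || new_list[j] < old_list[i])
            op = (struct export_op){ OP_ADD, new_list[j++] };
        else { i++; j++; continue; }   /* unchanged entry stays installed */
        if (n == max_ops)
            return -1;
        ops[n++] = op;
    }
    return (int)n;
}

int main(void)
{
    uint32_t old_list[] = { 0x0a000002, 0x0a000001, 0x0a000003 }; /* constructed */
    uint32_t new_list[] = { 0x0a000003, 0x0a000004, 0x0a000001 }; /* constructed */
    struct export_op ops[4];
    int n = export_delta(old_list, 3, new_list, 3, ops, 4);
    for (int k = 0; k < n; k++)
        printf("%s %08x\n", ops[k].kind == OP_ADD ? "add" : "delete", (unsigned)ops[k].addr);
    return 0;
}
```

A host whose name does not resolve simply contributes no address to the new list, so only that host's entry is withheld while the in-kernel check stays in place for everyone else.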
