Re: and now, back to your regularly scheduled discussion topic...

[guenther () gac edu (Philip Guenther)]

Patrick Horgan said:
> > and now for something completely different (apologies to M. Python):
> >
> > ObBug:  i have recently discovered that it is possible to re-export an
> > imported filesystem under Linux.  to illustrate:
> >
> > hostA --> exports /usr/share to -access=hostB
> > hostB --> a linux box.  re-exports /usr/share to everyone
> > hostC --> not implicitly trusted by hostA, mounts /usr/share
> >
> > aside from any security concerns, this would certainly thrash your nfsd's.
> > does anyone have any experience with this?  i have only recently discovered
> > this, and have not had time to peruse it in depth.
>
> Are you sure about this?  Any system using nfs will allow this, but the
> directory they mount from hostB is the mount directory, not the /usr/share
> form hostA.

Ah, but Linux uses a user level nfs server, which does a couple odd
things.  Not only will it allow the above, but it exports across
partition boundaries (i.e., if /usr and /usr/local are different
partitions, and you export /usr, /usr/local goes along with it.  Most
nfs implementations (All Sun derived?) will give whatever is 'under'
/usr/local instead).

Philip Guenther
guenther () stolaf edu