Hi!
It is, I fear, like in the subject:
$ tail -4 /etc/exports.d/zfs.exports
/a\040\134053\040b 1(sec=sys,rw,no_subtree_check,mountpoint,crossmnt)
/a\040\134134053\040b 2(sec=sys,rw,no_subtree_check,mountpoint,crossmnt)
/a\040\134134134053\040b 3(sec=sys,rw,no_subtree_check,mountpoint,crossmnt)
/a\040\134134134134053\040b 4(sec=sys,rw,no_subtree_check,mountpoint,crossmnt)
# exportfs -ra
exportfs: Failed to stat /a + b: No such file or directory
exportfs: Failed to stat /a + b: No such file or directory
exportfs: Failed to stat /a + b: No such file or directory
exportfs: Failed to stat /a + b: No such file or directory
I just wanted to export '/a \053 b', of course. The rest are just PoC.
The manual states:
> You can also specify spaces or other unusual character in the export
> name using a backslash followed by the character code as three octal
> digits.
The this happens on 1:1.3.4-6 off Debian, nfs-utils-2.6.1, and
current HEAD (7f8463fe702174bd613df9d308cc899af25ae02e).
strace off HEAD attached.
Best,
наб
Please keep me in CC, as I'm not subscribed.
Following up with more testing:
Given:
$ mkdir 'a \134053 b' 'a \053 b' 'a + b'
$ echo a > 'a \134053 b'/a
$ echo b > 'a \053 b'/b
$ echo c > 'a + b'/c
(henceforth dubbed a, b, c, respectively), such that, trivially:
$ ls -lR 'a \134053 b' 'a \053 b' 'a + b'
'a \053 b':
total 4
-rw-r--r-- 1 nabijaczleweli users 2 Mar 30 17:17 b
'a \134053 b':
total 4
-rw-r--r-- 1 nabijaczleweli users 2 Mar 30 17:17 a
'a + b':
total 4
-rw-r--r-- 1 nabijaczleweli users 2 Mar 30 17:17 c
And each is exported as such:
# exportfs -vo fsid=100 szarotka:'/tmp/a \134053 b'
# exportfs -vo fsid=200 szarotka:'/tmp/a \053 b'
# exportfs -vo fsid=300 szarotka:'/tmp/a + b'
exporting szarotka.nabijaczleweli.xyz:/tmp/a \134053 b
exporting szarotka.nabijaczleweli.xyz:/tmp/a \053 b
exporting szarotka.nabijaczleweli.xyz:/tmp/a + b
Then:
If only a is exported, the following state is achieved:
# exportfs
/tmp/a + b szarotka.nabijaczleweli.xyz
/mnt/filling/machine/1200-S121
<world>
# exportfs -s
/tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,wdelay,root_squash,no_subtree_check,fsid=100,sec=sys,ro,secure,root_squash,no_all_squash)
/mnt/filling/machine/1200-S121 *(rw,async,wdelay,crossmnt,no_root_squash,no_subtree_check,mountpoint,sec=sys,rw,secure,no_root_squash,no_all_squash)
$ cat /var/lib/nfs/etab
/tmp/a\040\134134053\040b szarotka.nabijaczleweli.xyz(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=100,anonuid=65534,anongid=65534,sec=sys,ro,secure,root_squash,no_all_squash)
/mnt/filling/machine/1200-S121 *(rw,async,wdelay,hide,crossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,mountpoint,anonuid=65534,anongid=65534,sec=sys,rw,secure,no_root_squash,no_all_squash)
If then b is also exported, the following state is achieved:
# exportfs
/tmp/a + b szarotka.nabijaczleweli.xyz
/mnt/filling/machine/1200-S121
<world>
# exportfs -s
/tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,wdelay,root_squash,no_subtree_check,fsid=100,sec=sys,ro,secure,root_squash,no_all_squash)
/mnt/filling/machine/1200-S121 *(rw,async,wdelay,crossmnt,no_root_squash,no_subtree_check,mountpoint,sec=sys,rw,secure,no_root_squash,no_all_squash)
$ cat /var/lib/nfs/etab
/tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=100,anonuid=65534,anongid=65534,sec=sys,ro,secure,root_squash,no_all_squash)
/tmp/a\040\134053\040b szarotka.nabijaczleweli.xyz(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=200,anonuid=65534,anongid=65534,sec=sys,ro,secure,root_squash,no_all_squash)
/mnt/filling/machine/1200-S121 *(rw,async,wdelay,hide,crossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,mountpoint,anonuid=65534,anongid=65534,sec=sys,rw,secure,no_root_squash,no_all_squash)
If then c is also exported, the following state is achieved:
# exportfs
/tmp/a + b szarotka.nabijaczleweli.xyz
/mnt/filling/machine/1200-S121
<world>
# exportfs -s
/tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,wdelay,root_squash,no_subtree_check,fsid=300,sec=sys,ro,secure,root_squash,no_all_squash)
/mnt/filling/machine/1200-S121 *(rw,async,wdelay,crossmnt,no_root_squash,no_subtree_check,mountpoint,sec=sys,rw,secure,no_root_squash,no_all_squash)
$ cat /var/lib/nfs/etab
/tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=300,anonuid=65534,anongid=65534,sec=sys,ro,secure,root_squash,no_all_squash)
/mnt/filling/machine/1200-S121 *(rw,async,wdelay,hide,crossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,mountpoint,anonuid=65534,anongid=65534,sec=sys,rw,secure,no_root_squash,no_all_squash)
Note how a and b were folded into c(?) but not into each other,
which is especially concerning given, that, in /every/ case, regardless
which are exported:
szarotka$ mkdir a b c
szarotka# mount -t nfs tarta:'/tmp/a \134053 b' a
mount.nfs: mounting tarta:/tmp/a \134053 b failed, reason given by server: No such file or directory
szarotka# mount -t nfs tarta:'/tmp/a \053 b' b
mount.nfs: mounting tarta:/tmp/a \053 b failed, reason given by server: No such file or directory
szarotka# mount -t nfs tarta:'/tmp/a + b' c
nabijaczleweli@szarotka:/tmp$ l c
total 4.0K
-rw-r--r-- 1 nabijaczleweli users 2 Mar 30 17:17 c
This could be spun as an "accidental exposure" bug or w/e, but this is
primarily just insane. Or, if it's somehow expected and working as
intended, then it warrants a note in the manual, at least.
Best,
наб
Please keep me in CC, as I'm not subscribed.
> On Mar 30, 2022, at 11:39 AM, наб <[email protected]> wrote:
>
> Following up with more testing:
>
> Given:
> $ mkdir 'a \134053 b' 'a \053 b' 'a + b'
> $ echo a > 'a \134053 b'/a
> $ echo b > 'a \053 b'/b
> $ echo c > 'a + b'/c
> (henceforth dubbed a, b, c, respectively), such that, trivially:
> $ ls -lR 'a \134053 b' 'a \053 b' 'a + b'
> 'a \053 b':
> total 4
> -rw-r--r-- 1 nabijaczleweli users 2 Mar 30 17:17 b
>
> 'a \134053 b':
> total 4
> -rw-r--r-- 1 nabijaczleweli users 2 Mar 30 17:17 a
>
> 'a + b':
> total 4
> -rw-r--r-- 1 nabijaczleweli users 2 Mar 30 17:17 c
>
> And each is exported as such:
> # exportfs -vo fsid=100 szarotka:'/tmp/a \134053 b'
> # exportfs -vo fsid=200 szarotka:'/tmp/a \053 b'
> # exportfs -vo fsid=300 szarotka:'/tmp/a + b'
> exporting szarotka.nabijaczleweli.xyz:/tmp/a \134053 b
> exporting szarotka.nabijaczleweli.xyz:/tmp/a \053 b
> exporting szarotka.nabijaczleweli.xyz:/tmp/a + b
>
> Then:
> If only a is exported, the following state is achieved:
> # exportfs
> /tmp/a + b szarotka.nabijaczleweli.xyz
> /mnt/filling/machine/1200-S121
> <world>
> # exportfs -s
> /tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,wdelay,root_squash,no_subtree_check,fsid=100,sec=sys,ro,secure,root_squash,no_all_squash)
> /mnt/filling/machine/1200-S121 *(rw,async,wdelay,crossmnt,no_root_squash,no_subtree_check,mountpoint,sec=sys,rw,secure,no_root_squash,no_all_squash)
> $ cat /var/lib/nfs/etab
> /tmp/a\040\134134053\040b szarotka.nabijaczleweli.xyz(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=100,anonuid=65534,anongid=65534,sec=sys,ro,secure,root_squash,no_all_squash)
> /mnt/filling/machine/1200-S121 *(rw,async,wdelay,hide,crossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,mountpoint,anonuid=65534,anongid=65534,sec=sys,rw,secure,no_root_squash,no_all_squash)
>
> If then b is also exported, the following state is achieved:
> # exportfs
> /tmp/a + b szarotka.nabijaczleweli.xyz
> /mnt/filling/machine/1200-S121
> <world>
> # exportfs -s
> /tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,wdelay,root_squash,no_subtree_check,fsid=100,sec=sys,ro,secure,root_squash,no_all_squash)
> /mnt/filling/machine/1200-S121 *(rw,async,wdelay,crossmnt,no_root_squash,no_subtree_check,mountpoint,sec=sys,rw,secure,no_root_squash,no_all_squash)
> $ cat /var/lib/nfs/etab
> /tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=100,anonuid=65534,anongid=65534,sec=sys,ro,secure,root_squash,no_all_squash)
> /tmp/a\040\134053\040b szarotka.nabijaczleweli.xyz(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=200,anonuid=65534,anongid=65534,sec=sys,ro,secure,root_squash,no_all_squash)
> /mnt/filling/machine/1200-S121 *(rw,async,wdelay,hide,crossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,mountpoint,anonuid=65534,anongid=65534,sec=sys,rw,secure,no_root_squash,no_all_squash)
>
> If then c is also exported, the following state is achieved:
> # exportfs
> /tmp/a + b szarotka.nabijaczleweli.xyz
> /mnt/filling/machine/1200-S121
> <world>
> # exportfs -s
> /tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,wdelay,root_squash,no_subtree_check,fsid=300,sec=sys,ro,secure,root_squash,no_all_squash)
> /mnt/filling/machine/1200-S121 *(rw,async,wdelay,crossmnt,no_root_squash,no_subtree_check,mountpoint,sec=sys,rw,secure,no_root_squash,no_all_squash)
> $ cat /var/lib/nfs/etab
> /tmp/a\040+\040b szarotka.nabijaczleweli.xyz(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=300,anonuid=65534,anongid=65534,sec=sys,ro,secure,root_squash,no_all_squash)
> /mnt/filling/machine/1200-S121 *(rw,async,wdelay,hide,crossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,mountpoint,anonuid=65534,anongid=65534,sec=sys,rw,secure,no_root_squash,no_all_squash)
>
> Note how a and b were folded into c(?) but not into each other,
> which is especially concerning given, that, in /every/ case, regardless
> which are exported:
> szarotka$ mkdir a b c
> szarotka# mount -t nfs tarta:'/tmp/a \134053 b' a
> mount.nfs: mounting tarta:/tmp/a \134053 b failed, reason given by server: No such file or directory
> szarotka# mount -t nfs tarta:'/tmp/a \053 b' b
> mount.nfs: mounting tarta:/tmp/a \053 b failed, reason given by server: No such file or directory
> szarotka# mount -t nfs tarta:'/tmp/a + b' c
> nabijaczleweli@szarotka:/tmp$ l c
> total 4.0K
> -rw-r--r-- 1 nabijaczleweli users 2 Mar 30 17:17 c
>
> This could be spun as an "accidental exposure" bug or w/e, but this is
> primarily just insane. Or, if it's somehow expected and working as
> intended, then it warrants a note in the manual, at least.
>
> Best,
> наб
>
> Please keep me in CC, as I'm not subscribed.
It's likely an issue in exportfs itself, so Cc: Steve.
You can see what the kernel thinks is its reality with:
# cat /proc/net/rpc/nfsd.export/content
#path domain(flags)
/export/tmp *(rw,insecure,no_root_squash,async,wdelay,no_subtree_check,uuid=6682b258:02a54061:815cee14:242ddfc2,sec=1:390003:390004:390005)
--
Chuck Lever
On Fri, Apr 01, 2022 at 07:53:30PM +0000, Chuck Lever III wrote:
> It's likely an issue in exportfs itself, so Cc: Steve.
>
> You can see what the kernel thinks is its reality with:
>
> # cat /proc/net/rpc/nfsd.export/content
> #path domain(flags)
> /export/tmp *(rw,insecure,no_root_squash,async,wdelay,no_subtree_check,uuid=6682b258:02a54061:815cee14:242ddfc2,sec=1:390003:390004:390005)
Thanks, this is what I was missing!
As expected from the results, in each case, the line is
/tmp/a\040+\040b *,szarotka.nabijaczleweli.xyz(ro,root_squash,sync,wdelay,no_subtree_check,fsid=300,sec=1)
with the first fsid= exported, except if c was ever exported,
in which case it remains 300.
наб