Return-Path: linux-nfs-owner@vger.kernel.org Received: from fieldses.org ([174.143.236.118]:57636 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756862Ab3JNRpl (ORCPT ); Mon, 14 Oct 2013 13:45:41 -0400 Date: Mon, 14 Oct 2013 13:45:40 -0400 To: Wangminlan Cc: "linux-nfs@vger.kernel.org" Subject: Re: Different sequence of "exportfs" produce different effects on nfs client mounts Message-ID: <20131014174540.GA27747@fieldses.org> References: <3962238FD7EA0F41B1810E7ABEAFBC314CEF9ACF@szxema505-mbs.china.huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 In-Reply-To: <3962238FD7EA0F41B1810E7ABEAFBC314CEF9ACF@szxema505-mbs.china.huawei.com> From: "J. Bruce Fields" Sender: linux-nfs-owner@vger.kernel.org List-ID: On Mon, Oct 14, 2013 at 02:16:58AM +0000, Wangminlan wrote: >   Hi, >    I’ve got a problem on the nfs exportfs command. I’m not sure if this is the right place to ask this, if not, can you please tell me where? >    >    Here’s what I need: >   1. I have a folder named /mnt/fs1 to be exported. >   2. All the host in subnetwork 192.168.0.0/16 should be able access this folder, but their root should be squashed. >   3. Some specified host in the same subnetwork can gain the root permission on the folder, for example: 192.168.0.21, 192.168.0.22. >    >   I’ve got a SLES11SP1 box as the nfs server, the nfs clients are SLES11SP1, too, and the protocol used between clients and server are NFSv3. >   Here are the commands I used to do the export: >   #exportfs –o rw,root_squash 192.168.0.0/16:/mnt/fs1 >   #exportfs –o rw,no_root_squash 192.168.0.21:/mnt/fs1 >   #exportfs –o rw,no_root_squash 192.168.0.22:/mnt/fs1 >   After this, everything works as expected. >    >   But, after the following operations: >   #exportfs –u 192.168.0.0/16:/mnt/fs1 /* Delete this export */ >   # exportfs –o rw,root_squash 192.168.0.0/16:/mnt/fs1 /* And add it again */ >   Hosts on 192.168.0.21 and 192.168.0.22 doesn’t get root permission any more. when I tried to write a file, it complains about “Permission denied”. >    >   So, does the order of exportfs command has something to do the final result? Or am I doing something wrong? That sounds like a bug. The contents of /proc/net/rpc/auth.unix.ip/content and /proc/net/rpc/nfsd.export/content after getting the above "permission denied" might be interesting.