Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp626540yba; Wed, 15 May 2019 07:17:14 -0700 (PDT) X-Google-Smtp-Source: APXvYqyhLyFkLKfCh/RPTfARx0qxFAFy+7wRV7kZAeEg6PtaZyIBapYXqZmj7NtH3kUb7NxQWX9o X-Received: by 2002:a63:1119:: with SMTP id g25mr8434367pgl.380.1557929834448; Wed, 15 May 2019 07:17:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557929834; cv=none; d=google.com; s=arc-20160816; b=qBCqdHED9tKGQIme3/6GdNUqXQasFAQrIkPd1PiMVegYPI/dWc42BKFGYxY/Grbeys +3veN2b00WccRUos2v4mL/xi9qPgu5Llkd/snX4qpqoirBwqiGkNpI3anyD9Q21cpo+4 t9w6TIGmMjqRelfhEQ0cRRGONTZb7A5bWMIsyfBEc6FPX2D9Yuqs2+C6PbwrZR7u7q6G tCalewWo30hM1wjuZJpFYRVtZQdPn3ZdmiMgh5fSwsU4tZonHimxb4hJQ0Kg6W0KKaM9 zmzoTxqhPsD92PJNZ3pBhXM1z2LIyYi7LFYNz7YEjv1s8jJV9amb9xiqsbiMNojzNiO2 o9sg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:from:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:date; bh=/b8v3dhkWoPnT0DdxA+l1RfeBf8V/vdciZHsPvvVNY0=; b=lrBmNAPLhb7oXLDYdn0FdGeNuCJmqf/nNYp9IiLHb9bucP7CoQ4kqCxYY0IF4sMovp /0aO4kN5gn4yVUkSJ14UM/zZ5nJtdqgFBgN46q5K90ZiY7RGnjfuicTk0Ci9+qpdOe8P +ntllmqWXZXlLXJLXLvPbr5pNNaKFrZ+KQe6c/eT6yueqZLHqXL8U3QmdIirWw+LuCnz 5OUZL7aJoW6uPtVLJyA+gyWA4mmUUrNZHJRS4u+n/kSOkzfdcKlcol7lmLD1YP4UY9ch c1WfqDfOpqtSSqmYKUxlzWb+KCXtdSdjaCD+LBQWHBzWMurrU9kz21LzOY8q/TW5ImNx 3BFg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s17si1938311pgj.186.2019.05.15.07.16.55; Wed, 15 May 2019 07:17:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726646AbfEOOOC (ORCPT + 99 others); Wed, 15 May 2019 10:14:02 -0400 Received: from fieldses.org ([173.255.197.46]:60774 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726501AbfEOOOB (ORCPT ); Wed, 15 May 2019 10:14:01 -0400 Received: by fieldses.org (Postfix, from userid 2815) id 8CAD21D39; Wed, 15 May 2019 10:14:01 -0400 (EDT) Date: Wed, 15 May 2019 10:14:01 -0400 To: Trond Myklebust Cc: steved@redhat.com, linux-nfs@vger.kernel.org Subject: Re: [RFC PATCH 4/5] Add support for chrooted exports Message-ID: <20190515141401.GB9291@fieldses.org> References: <20190514204153.79603-1-trond.myklebust@hammerspace.com> <20190514204153.79603-2-trond.myklebust@hammerspace.com> <20190514204153.79603-3-trond.myklebust@hammerspace.com> <20190514204153.79603-4-trond.myklebust@hammerspace.com> <20190514204153.79603-5-trond.myklebust@hammerspace.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190514204153.79603-5-trond.myklebust@hammerspace.com> User-Agent: Mutt/1.5.21 (2010-09-15) From: bfields@fieldses.org (J. Bruce Fields) Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Tue, May 14, 2019 at 04:41:52PM -0400, Trond Myklebust wrote: > diff --git a/utils/nfsd/nfsd.man b/utils/nfsd/nfsd.man > index d83ef869d26e..8fb23721daf6 100644 > --- a/utils/nfsd/nfsd.man > +++ b/utils/nfsd/nfsd.man > @@ -167,6 +167,10 @@ Setting these to "off" or similar will disable the selected minor > versions. Setting to "on" will enable them. The default values > are determined by the kernel, and usually minor versions default to > being enabled once the implementation is sufficiently complete. > +.B chroot > +Setting this to a valid path causes the nfs server to act as if the > +supplied path is being prefixed to all the exported entries. I don't feel like this is completely clear. Maybe add an example like: "If the export file contains a line like "/path *(rw)", clients will mount "/path" but the filesystem they see will be the one at "$chroot/path"". ? --b.