NFS re-exporting

[mouse () Collatz McRCIM McGill EDU (der Mouse)]

> > ObBug:  i have recently discovered that it is possible to re-export
> > an imported filesystem under Linux.  to illustrate:

> > hostA --> exports /usr/share to -access=hostB
> > hostB --> a linux box.  re-exports /usr/share to everyone
> > hostC --> not implicitly trusted by hostA, mounts /usr/share

(not stated, but implicit, is that hostB mounts hostA:/usr/share on
/usr/share.)

I'm not sure I'd call that a bug.  I'm not sure I'd call it a feature,
either, especially if hostC mounts hostB:/usr and sees hostA's
/usr/share under it.  I don't think I'd like this as the default
behavior, but not being able to get it has always struck me as a
peculiar defect in most NFS implementations.

One person says
> Are you sure about this?  Any system using nfs will allow this, but
> the directory they mount from hostB is the mount directory, not the
> /usr/share form hostA.

Another person says
> Not a problem.  Host C gets to look at ***HostB's*** /usr/share - the
> one that has HostA's /usr/share mounted over it, not HostA's
> /usr/share.  NFS gives you a single hop.

Both of these people seem to think that the Sun implementation, which
does function as they describe, is somehow part of the NFS spec, as if
it were a reference implementation rather than a sample implementation.
It is not.  Whether NFS-imported filesystems can be re-exported or not
depends entirely on hostB's NFS implementation.

It is entirely up to each NFS server implementation where it gets the
data to respond to client queries from.  Most get it from their native
filesystems; a few (such as automounters) synthesize it from internal
data structures.  It seems Linux can get it from other machines' NFS
servers as well, a capability I applaud, provided it can be turned off.

                                        der Mouse

                            mouse () collatz mcrcim mcgill edu