Re: are multiple FSIDs supported?

["J. Bruce Fields" <bfields@fieldses.org>]

On Fri, Oct 23, 2009 at 11:32:44AM -0700, Ben DJ wrote:
> Hello,
> 
> I'm building an NFSv4 FileServer.  My goal is to service multiple
> machines on a LAN, each with their own, isolated namespace (I'm not
> sure that's the right terminology).
> 
> Reading the man page it seems that only ONE fsid=0 export is allowed
> per server.  And that subdirectories of that root CAN be exported, but
> always under the same/one root.
> 
> That doesn't seem like "good isolation" to me.
> 
> My goal would be to export, for example
> 
>  /nfs1 & it's subdirs ONLY to LAN box1
>  /nfs2 & it's subdirs ONLY to LAN box2
>  etc

Multiple export namespaces aren't currently supported.

I'd like to some day, though I'd prefer to vary the namespace based on
server ip address instead of by client ip address.

But for now I'd think just something like:

	/nfs	*(ro,fsid=0,...)
	/nfs/1	box1(rw,nohide,crossmnt)
	/nfs/2	box2(rw,nohide,crossmnt)

should server your purposes.  box1 will still be able to see that a
directory named /nfs/2 exists, but it shouldn't be able to descend into
it.  (And vice-versa for box2 and /nfs/1.)

--b.

> I've seen some mentions & discussion online of multiple-fsid's, where
> /nfs1 would be exported as a root under fsid=0, /nfs2 under fsid=1,
> etc.
> 
> But this approach doesn't look like its currently supported or
> recommended.  Even if it was I haven't found anything that says how a
> nfsv4 client would ADDRESS the specific fsid's.  Something in the
> mount's URI I guess.
> 
> I know I might still be stuck in NFSv3 thinking about this, and NFSv4
> subdirs might be isolated "well enough".
> 
> BenDJ
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html