/etc/exports - a strange restriction

Chuck Swiger cswiger at mac.com
Thu Jul 21 15:30:41 GMT 2005


Sergey Matveychuk wrote:
> Norbert Koch wrote:
>>> /usr/tinderbox -ro -alldirs -maproot=0:0 localhost
>>>
>> As far as I know, it is a restriction of the nfs specification.
>> If you only want to export a single directory, you could e.g.
>> use mount_null/mount_nullfs(8).
> 
> Well, in my example the remote host is localhost. But what if I need to share 
> files on a network?
> I've taken a quick look at RFC1813 but could not find this restriction. 
> But why this restriction anyway? It's very inconvenient.

NFS exports filesystems, not directory trees.  NFS permits you to mount a 
subdirectory of an export/share, but you cannot mount two child directories of 
a share if those directories are ancestors of one another.

It's easier to mount the root of an export/share, and then use symlinks on the 
local drive to reference the portion of the hierarchy that you want to use. 
Rely on filesystem permissions to control access, assuming you trust root on 
the client machine.  (If you don't trust root on the client machine, then you 
probably shouldn't be using NFS at all.)

See "Managing NFS and NIS" published by O'Reilly, or maybe even this by me:

http://www.pkix.net/~chuck/doc/NFS/article.html

:-)

-- 
-Chuck
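
The rule described in the reply above, as an added example that is not part of the original message: a Python check over an exports(5)-style file that reports directories offered to the same host where one is an ancestor of the other, and entries whose -maproot maps client root to root on the server. The sample file is constructed, the function names are hypothetical, and the parsing is a simplification (whitespace-separated tokens, no -network/-mask handling).

```python
import posixpath
from itertools import combinations

# Constructed sample in exports(5) layout: directories, -options, hosts.
SAMPLE = """\
# constructed sample, not taken from the thread
/usr/tinderbox -ro -alldirs -maproot=0:0 localhost
/usr/tinderbox/portstrees -ro localhost
/usr/tinderbox/jails -ro buildhost
/home -maproot=nobody buildhost
"""

def parse_exports(text):
    """Return one dict per non-comment line: dirs, options, hosts."""
    entries = []
    for raw in text.splitlines():
        tokens = raw.split("#", 1)[0].split()
        if not tokens:
            continue
        entries.append({
            "dirs": [posixpath.normpath(t) for t in tokens if t.startswith("/")],
            "opts": [t for t in tokens if t.startswith("-")],
            "hosts": [t for t in tokens if not t.startswith(("/", "-"))],
        })
    return entries

def is_ancestor(a, b):
    """True when directory a is b itself or a parent directory of b."""
    return a == b or b.startswith(a.rstrip("/") + "/")

def nested_exports(entries):
    """(host, dir1, dir2) for dirs offered to one host where one contains the other."""
    flat = [(d, h) for e in entries for d in e["dirs"] for h in e["hosts"]]
    return [(h1, d1, d2)
            for (d1, h1), (d2, h2) in combinations(flat, 2)
            if h1 == h2 and (is_ancestor(d1, d2) or is_ancestor(d2, d1))]

def root_mapped(entries):
    """Dirs whose -maproot maps the client's root to uid 0 / 'root' on the server."""
    hits = []
    for e in entries:
        for opt in e["opts"]:
            if opt.startswith("-maproot="):
                user = opt.split("=", 1)[1].split(":")[0]
                if user in ("0", "root"):
                    hits.extend(e["dirs"])
    return hits

if __name__ == "__main__":
    parsed = parse_exports(SAMPLE)
    print(nested_exports(parsed), root_mapped(parsed))
```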

