jailed NFS server
Peter Jeremy
peterjeremy at acm.org
Thu Mar 29 20:29:02 UTC 2012
On 2012-Mar-29 05:12:43 +0300, Beeblebrox <zaphod at berentweb.com> wrote:
>Maybe I will give unfs3 a try. However, One of the reasons I'm trying to
>set it up is to be able to run Tinderbox on that jail for distributed
>compiling. When I did a little searching about unfs3 + Tinderbox + jail, it
>came up with posts about problems and that such setup "does not give good
>results".
Whilst I've not used unfs3 on FreeBSD, I do use it on Solaris to allow
me to NFS export a (ZFS) filesystem from within a zone. My experience
is that it works reasonably well, given its limitations:
- It's single-threaded. This isn't an issue for me because there are
only a couple of light users. It would be useless as a server for
more than that.
- There's no support for locking (lockd/statd).
- A user who has shell access to the server and can mount a filesystem
via unfs3 can DoS the NFS server by killing the unfs3 daemon.
I did find it necessary to fix a number of bugs along the way.
--
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-fs/attachments/20120329/2c6e5da8/attachment.pgp
More information about the freebsd-fs
mailing list