Interactions with mxge, pf, nfsd, and the kernel

Bob Healey healer at rpi.edu
Thu Jul 3 00:34:23 UTC 2014 

Ah.  I change file systems often enough (adding/removing users) that I'd 
need to wrap zfs add and zfs destroy to mangle /etc/exports for me and 
HUP mountd.

Bob Healey
Systems Administrator
Biocomputation and Bioinformatics Constellation
and Molecularium
healer at rpi.edu
(518) 276-4407

On 7/2/2014 8:11 PM, Rick Macklem wrote:
> Bob Healey wrote:
>> What I want to do, and is not valid, is  zfs set
>> sharenfs="maproot=root,network 128.113.185.0/24, network
>> 128.113.186.0/24,network 10.0.0.0/8" tank/home  To get the desired
>> functionality, i have to do zfs set sharenfs="maproot=root,network
>> 0.0.0.0/0" and then set a host level firewall.
>>
> Here is about what I think the lines in /etc/exports would look like:
> /tank -maproot=root -network 128.113.185.0 -mask 255.255.255.0
> /tank -network 128.113.186.0 -mask 255.255.255.0
> /tank/home -network 10.0.0.0 -mask 255.0.0.0
>
> You put these lines in /etc/exports. You do not use the "zfs set sharenfs..."
> command.
>
> Then you "kill -HUP <pid of mountd>" to make it re-read /etc/exports
> and then check /var/log/messages for any parsing errors detected by mountd.
>
> Obviously, I don't really understand your setup, so the above might not
> be correct. My suggestion was to put the lines in /etc/exports and not
> use "zfs set sharenfs...".
>
> rick
>
>> Bob Healey
>> Systems Administrator
>> Biocomputation and Bioinformatics Constellation
>> and Molecularium
>> healer at rpi.edu
>> (518) 276-4407
>>
>> On 7/2/2014 7:50 PM, Ben Morrow wrote:
>>> Quoth Rick Macklem <rmacklem at uoguelph.ca>:
>>>> Bob Healey wrote:
>>>>>>> 10/8.  If there is a way in zfs's sharenfs property to make
>>>>>>> that
>>>>>>> restriction, I'd be happy to change, but I really don't like
>>>>>>> leaving nfs
>>>>>>> open to the university's quartet of /16's, so PF it is.
>>>> You can specify pretty well any subnet for lines in /etc/exports.
>>>> You can export the file systems via /etc/exports. (I'm not a zfs
>>>> guy, but my understanding is that zfs sharenfs just generates
>>>> lines
>>>> for the exports file.)
>>> You can specify any exports(5) options in the sharenfs property.
>>> See
>>> Example 16 in zfs(8).
>>>
>>> Ben
>>>
>>>
>> _______________________________________________
>> freebsd-stable at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>> To unsubscribe, send any mail to
>> "freebsd-stable-unsubscribe at freebsd.org"
>>

More information about the freebsd-stable mailing list