HomeFreeBSD
Diffusion FreeBSD src repository 4bbbd5875d32

vfs_mount.c: Allow mountd(8) to do exports in a vnet prison
4bbbd5875d32
Actions

Description

vfs_mount.c: Allow mountd(8) to do exports in a vnet prison

To run mountd in a vnet prison, three checks in vfs_domount()
and vfs_domount_update() related to doing exports needed
to be changed, so that a file system visible within the
prison but mounted outside the prison can be exported.

I did all three in a minimal way, only changing the checks for
the specific case of a process (typically mountd) doing exports
within a vnet prison and not updating the mount point in other
ways. The changes are:

  • Ignore the error return from vfs_suser(), since the file system being mounted outside the prison will cause it to fail.
  • Use the priv_check(PRIV_NFS_DAEMON) for this specific case within a prison.
  • Skip the call to VFS_MOUNT(), since it will return an error, due to the "from" argument not being set correctly. VFS_MOUNT() does not appear to do anything for the case of doing exports only.

Reviewed by: markj
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D37741

Details

Provenance
rmacklemAuthored on Mar 2 2023, 9:09 PM
Reviewer
markj
Differential Revision
D37741: Modify vfs_mount.c so that mountd can run in a vnet prison
Parents
rGc7a8502bdf18: open.2: describe O_RESOLVE_BENEATH errors correctly
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
sys/
kern/

rG4bbbd5875d32

View Options

sys/kern/vfs_mount.c

Loading...