# Bad exports line - why?



## lib13 (Apr 13, 2013)

```
# cat /etc/exports 

/crypt/backups_rw  -maproot=0,alldirs asus hp

/crypt/backups_ro  -mapall=backup:backup,alldirs,ro asus hp

/crypt/jails/mldonkey/home/mldonkey/.mldonkey/incoming -mapall=mldonkey,alldirs,rw asus hp
```

When I insert the third line, /var/log/messages tells me that there's a 


```
bad exports list line /crypt/jails/mldonkey/home/mldonkey/.mldonkey/incoming
```

But I think that I'm not exporting any file twice for the same hosts as stated in the manual for exports.
I don't see how the third line is different from the second.  crypt has a separate partition for it, and I'm trying to export three subdirectories with different options.


----------



## fonz (Apr 13, 2013)

lib13 said:
			
		

> ```
> /crypt/jails/mldonkey/home/mldonkey/.mldonkey/incoming -mapall=mldonkey,alldirs[red],rw[/red] asus hp
> ```


I'm not sure rw is a valid option (it's not mentioned in the exports(5) manual). And NFS exports are R/W by default anyway, so I'd start with ditching that one and see if it helps.


----------



## lib13 (Apr 13, 2013)

You're right about the rw option, it's used for nfs clients not for exports file.

There were two problems in the third line.
First, home is a symlink from /usr/home.
Second, the user mldonkey existed inside the jail but not outside.

Now, I have the line like this:

```
/crypt/jails/mldonkey/home/mldonkey/.mldonkey/incoming -mapall=mldonkey,alldirs asus hp
```

It still returns an error.  But if I substitute the Asus and HP hosts by a different IP, like 192.168.1.100, I get no error from this.

So, again, why does this return an error if I'm exporting files that were not exported before in the previous two lines?


----------



## cpm@ (Apr 14, 2013)

> So, again, why does this return an error if I'm exporting files that were not exported before in the previous two lines?



Use showmount(8) to list shared directories on host(s), and thus come out of doubts.


----------



## lib13 (Apr 14, 2013)

```
# showmount
Hosts on localhost:
```

I have no NFS clients attached right now.


----------



## cpm@ (Apr 14, 2013)

```
/crypt/jails/mldonkey/home/mldonkey/.mldonkey/incoming -mapall=mldonkey,alldirs [color="Red"]asus[/color] [color="red"]hp[/color]
```

Have you try use the IP addresses instead of hosts?


----------



## lib13 (Apr 14, 2013)

Yes, the problem remains.


----------



## cpm@ (Apr 14, 2013)

Oops...did not realize before, but if you are using a path that contains a symlink: don't use it. Use path /usr/home instead.


----------



## fonz (Apr 14, 2013)

lib13 said:
			
		

> First, home is a symlink from /usr/home.


Don't use symlinks in /etc/exports, use the "real" path instead.



			
				lib13 said:
			
		

> Second, the user mldonkey existed inside the jail but not outside.


Either create _a_ user with that UID outside the jail (you can probably give it a different _name_ if you want and lock the account by disabling the password and/or login shell) or just use the numeric ID.


----------



## lib13 (Apr 14, 2013)

fonz said:
			
		

> Don't use symlinks in /etc/exports, use the "real" path instead.
> 
> Either create _a_ user with that UID outside the jail (you can probably give it a different _name_ if you want and lock the account by disabling the password and/or login shell) or just use the numeric ID.


These two issues were already taken care of, thanks!

The problem seems to be the hosts part in the line. 

```
/crypt/jails/mldonkey/usr/home/mldonkey/.mldonkey/incoming -mapall=mldonkey 192.168.1.200
```

'192.168.1.200' = 'asus'

If I include either 'asus' or '192.168.1.200', or 'hp', there's a complaint in /var/log/messages.
If I use an IP that was not used in one of the first two lines:

```
/crypt/backups_rw  -maproot=0,alldirs asus hp
/crypt/backups_ro  -mapall=backup:backup,alldirs,ro asus hp
```
All is fine.

I'm trying to share three different subdirectories of /crypt
Have no idea why this is happening.


----------



## cpm@ (Apr 14, 2013)

Assuming /crypt/backups_rw, /crypt/backups_ro, and /crypt/jails/mldonkey/usr/home/mldonkey/.mldonkey/incoming are all on the same /usr filesystem, just set up one export using -alldirs instead.

However, you cannot export subdirectories of /usr with different permissions (some ro, some rw) to the same subnet...you would have to use different filesystems to do that.


----------



## lib13 (Apr 14, 2013)

/crypt is a directory in the root of the file system.

In the manual of exports I don't fully understand what is meant by file system.  Is a file system a tree descending from root (1), or is a file system a tree descending from some point in some tree hierarchy (2), or is a file system some file system of an autonomous partition (3)?

If it's (1) or (3), then the second line in exports should also return an error from mountd, or not?

If file system is meant as in (2), then it explains why the second line in exports doesn't return an error.  But then, why there's an error caused by the third line?


```
# grep crypt /etc/fstab [FILE]/etc/fstab[/FILE]
/dev/ada0p8.eli  /crypt     ufs     rw      3   3
/crypt/backups_rw  /crypt/backups_ro  nullfs 0 0
```


----------



## sa (Apr 15, 2013)

NFS exports are file system based, this is true for NFSv2/3/4. Here file system means all files and directories with the same fsid values, all files and directories that belong to some file system mounted under some mount point. If one "exports" some subdirectory in exports(5), then this "works" only for the MOUNT protocol used by NFSv2/3 clients, so actually the entire file system is exported this "exported" subdirectory belongs to. NFSv4 clients do not use the MOUNT protocol, so they always see entire exported file system. If some subdirectories in NFS exported file system are mount points, then even if hidden parts of exported file system are not visible for file name lookups on a local system, these hidden parts can be accessed by NFS clients (they can guess filehandles for hidden files).

It is unclear what do you want to do with the -alldirs option, but exports(5) manual page specifies: 1) -alldirs must the first option, 2) -alldirs is used for pathname that is the root (mount point) of a file system. Whould mountd worked correctly (it was broken some years ago) all pathnames with -alldirs options will be exported only if they are mount points. And this means that you wrote configuration, that require three pathnames to be mount points and since only the /crypt/backups_ro is a mount point, then it will be exported. Details are in PR bin/170413.


----------



## lib13 (Apr 15, 2013)

Thank you very much @sa, I learned a lot more with your message.

I solved my problem because I mounted a new nullfs pointing to the export I wanted in the third line.

For the record, in case someone has a similar problem:


```
# cat /etc/exports 
/crypt/backups_rw  -maproot=0 asus hp
/crypt/backups_ro  -mapall=backup:backup,ro asus hp
/crypt/mldonkey    -mapall=mldonkey asus hp
```

And the corresponding lines of /etc/fstab


```
/crypt/backups_rw  /crypt/backups_ro  nullfs  ro      0       0
/crypt/jails/mldonkey/usr/home/mldonkey/.mldonkey/incoming   /crypt/mldonkey   nullfs   rw   0   0
```


----------

