Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Retrieving mount options #57

Open
ijn101 opened this issue Jun 7, 2018 · 4 comments
Open

Retrieving mount options #57

ijn101 opened this issue Jun 7, 2018 · 4 comments
Labels

Comments

@ijn101
Copy link

ijn101 commented Jun 7, 2018

Hello
Is it at all possible to retrieve mount options that were used on the client? For example, if

mount -o user=myuser server1:/ /mnt/server1

How can I get the value of user?

Thanks!

@kofemann
Copy link
Member

kofemann commented Jun 7, 2018

In general, client mount options stays on the client and not exposed to a server. The server can guess some of them, like used security flavor, IO buffer size, protocol version. But, probably, that's it. The local user mapping, caching options and even request timeout values are not available to the server. Moreover, mount options are different for different OSes.

Why you need them? Which problem you want to solve?

@ijn101
Copy link
Author

ijn101 commented Jun 7, 2018

I'm trying to identify the user who is doing the mount and then serve them their home directory.

I have one export / *(ro,all_root), and then when someone connects, I'm figuring out who they are by their IP address. That's not optimal, however, because multiple users can connect from the same IP.

Another thought was to allow user to mount server1:/myuser directory and then retrieve their user id from mount request. So far can't figure out how to do this in NFSv4. Looks like v3 had this

mountres3 MOUNTPROC3_MNT_3(RpcCall call$, dirpath arg1)

Is there equivalent in v4?

@kofemann
Copy link
Member

kofemann commented Jun 7, 2018

This is, actually, a very interesting use case, which we have as well. In general, it's hard to see for which user mount was triggered, as some requests performed with hosts credentials (root).

However, each user-triggered NFS operation has UID and GID in the RPC request. You can access them in the file system implementation. See Client Subject Inside Rpc Service). Probably you need to treat ROOTFH as clients home directory based on UID in the rpc requests. However, I am not sure, that client's file system cache will be happy about it, as the cached content will makes no sense any more.

@ijn101
Copy link
Author

ijn101 commented Jun 7, 2018

Thank you for the subject pointer, I can see how that's done.

Unfortunately, that does not give me the info I need, so let me make the use case a little bit more interesting :)

Let's say I have a target file system, designed like so:

/data - this directory is the source of actual files.
/users/user1 - contains symlinks into some files in /data that user1 can access - application generated
/users/user2 - contains symlinks into some files in /data that user2 can access - application generated

All of these are backed by EFS, so my NFS spring boot application running inside docker container must have privileged access with root to these directories internally.

user1 and user2 are NOT linux uids, these application user ids.

My NFS service app exports a single mount point ( / ). I cache contents of /users/* directories in the service, so when someone connects, I figure out who they are (currently via IP) and serve contents of appropriate user dir.

Currently, all users use the same mount command to root of my fs - mount server1:/ /mnt/server

So, in a nutshell, I'm looking to find a way to pass/retrieve application user id via the mount command.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants