Public bug reported: Two or more NFS mount points with the same FSID end up silently sharing mount options.
You have an NFS server with the following mount: /dev/sda3 => /mnt/data And then you export two folders from that block device separately via NFS (/etc/exports): /mnt/data/a 10.0.0.0/16 /mnt/data/b 10.0.0.0/16 And on the client you mount them: mount -t nfs server:/mnt/data/a -o rw /exports/a mount -t nfs server:/mnt/data/b -o ro /exports/b You will notice that silently, the second partition gets mounted as 'rw' instead of 'ro'. This is a regression from Edgy (also in Feisty) and poses a potential security risk to system administrators, who may not notice that the second device has been mounted 'rw'. In fact, /etc/mtab (and by extension '/bin/mount') reports that the filesystem was mounted 'ro' (only '/proc/mounts' will tip you otherwise). Two fixes were released to mitigate this problem: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c98451bdb2f3e6d6cc1e03adad641e9497512b49 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e89a5a43b95cdc4305b7c8e8121a380f02476636 The first commit fixed the security aspect of the problem but actually introduced an even more serious regression which resulted in EBUSY when two devices were mounted from the same superblock without specifying the 'nosharecache' option. The second patch resolves the security issue, and automatically disables shared caching on exports with the same FSID. A high level overview of this problem with accompanying LKML thread can be found here: http://kerneltrap.org/Linux/NFS_Regression This bug is fixed as of 2.6.23-r5 ** Affects: linux-source-2.6.22 (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- NFS regression causes subsequent mounts from same superblock to silently use previous mount options https://bugs.launchpad.net/bugs/164231 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
