CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Rick Macklem <rmacklem@FreeBSD.org>
	Thu, 2 Mar 2023 21:09:01 +0000 (13:09 -0800)
committer	Rick Macklem <rmacklem@FreeBSD.org>
	Thu, 2 Mar 2023 21:09:01 +0000 (13:09 -0800)
commit	4bbbd5875d32f3cbe76235d90243f713eff9b9d0
tree	467eb2f919446649cff92b2158a55939ef3852c6	tree \| snapshot
parent	c7a8502bdf187ccf035c5b29a93e34cc01346a73	commit \| diff

vfs_mount.c: Allow mountd(8) to do exports in a vnet prison

To run mountd in a vnet prison, three checks in vfs_domount()
and vfs_domount_update() related to doing exports needed
to be changed, so that a file system visible within the
prison but mounted outside the prison can be exported.

I did all three in a minimal way, only changing the checks for
the specific case of a process (typically mountd) doing exports
within a vnet prison and not updating the mount point in other
ways.  The changes are:
- Ignore the error return from vfs_suser(), since the file
  system being mounted outside the prison will cause it to fail.
- Use the priv_check(PRIV_NFS_DAEMON) for this specific case
  within a prison.
- Skip the call to VFS_MOUNT(), since it will return an error,
  due to the "from" argument not being set correctly.  VFS_MOUNT()
  does not appear to do anything for the case of doing exports only.

Reviewed by: markj
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D37741