I have the following exports:

/exports/nfs            192.168.1.0/24(fsid=1234,sec=krb5p,rw,no_subtree_check,root_squash,crossmnt,async)
/exports/share          192.168.1.0/24(fsid=2345,ro,no_subtree_check,all_squash,crossmnt,insecure)

Both of these shares have the same directory bind-mounted within them:

mount --bind /mnt/bin /exports/nfs/bin
mount --bind /mnt/bin /exports/share/bin

My goal is to expose the same information, but only have the share using krb5 to be writeable.

Whenever a client mounts /exports/share, they are unable to ls the bind-mounted directories:

ls: cannot access '/mnt/share/bin': Operation not permitted

I see the following on the NFS server:

 rpc.mountd[12080]: /exports/nfs/bin and /exports/share/bin have same filehandle for 192.168.1.0/24, using first

How can I expose these directories one RW (krb5p) and the other RO (no krb5) to 192.168.1.0/24?

1 Answer

I was able to solve this.

I needed to export the bind directory, and set a unique fsid on that as well. I originally thought fsid on the root of the share would be sufficient.

/exports/nfs                192.168.1.0/24(fsid=1234,sec=krb5p,rw,no_subtree_check,root_squash,crossmnt,async)
/exports/nfs/bin            192.168.1.0/24(fsid=1235,sec=krb5p,rw,no_subtree_check,root_squash,crossmnt,async)

/exports/share              192.168.1.0/24(fsid=2345,ro,no_subtree_check,all_squash,crossmnt,insecure)
/exports/share/bin          192.168.1.0/24(fsid=2346,ro,no_subtree_check,all_squash,crossmnt,insecure)
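
The condition described in this answer can be checked before reloading exports. The following is an added example, not part of the original post: it parses exports-style text and reports bind-mount targets under an export that lack their own entry with an fsid, plus any fsid reused for the same client. The function names and the way bind targets are passed in are assumptions; the sample data is constructed from the lines shown on this page.

```python
import re
from collections import defaultdict

CLIENT_RE = re.compile(r"(\S+?)\(([^)]*)\)")  # one "client(options)" group

def parse_exports(text):
    """Return {(path, client): set(options)} from /etc/exports-style text."""
    exports = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)  # drop comments, split off path
        if len(parts) == 2:
            for client, opts in CLIENT_RE.findall(parts[1]):
                exports[(parts[0], client)] = {o.strip() for o in opts.split(",") if o.strip()}
    return exports

def fsid_of(opts):
    """Return the fsid= value from an option set, or None if absent."""
    return next((o.split("=", 1)[1] for o in opts if o.startswith("fsid=")), None)

def audit(exports_text, bind_targets):
    """Flag bind mounts lacking their own fsid export, and fsids reused per client."""
    exports = parse_exports(exports_text)
    findings = []
    for target in bind_targets:
        for (path, client), opts in exports.items():
            if target.startswith(path.rstrip("/") + "/"):  # target sits under this export
                own = exports.get((target, client), set())
                if fsid_of(own) is None:
                    findings.append(f"{target}: no export with its own fsid for {client} (parent {path})")
    seen = defaultdict(list)
    for (path, client), opts in exports.items():
        if fsid_of(opts) is not None:
            seen[(client, fsid_of(opts))].append(path)
    for (client, fsid), paths in seen.items():
        if len(paths) > 1:
            findings.append(f"fsid={fsid} reused for {client}: {', '.join(sorted(paths))}")
    return findings

# Constructed from the exports and mount --bind commands shown on this page.
BINDS = ["/exports/nfs/bin", "/exports/share/bin"]
BEFORE = """/exports/nfs 192.168.1.0/24(fsid=1234,sec=krb5p,rw,no_subtree_check,root_squash,crossmnt,async)
/exports/share 192.168.1.0/24(fsid=2345,ro,no_subtree_check,all_squash,crossmnt,insecure)"""
AFTER = BEFORE + """
/exports/nfs/bin 192.168.1.0/24(fsid=1235,sec=krb5p,rw,no_subtree_check,root_squash,crossmnt,async)
/exports/share/bin 192.168.1.0/24(fsid=2346,ro,no_subtree_check,all_squash,crossmnt,insecure)"""

if __name__ == "__main__":
    print(audit(BEFORE, BINDS))
    print(audit(AFTER, BINDS))
```

On a live server the bind targets would come from the mount table rather than a hard-coded list.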