Granted, my "release" is approaching 4 months old now, but it unsettles me that my files/directories are exposed even though they shouldn't be by mountd.

% sudo bash
% uname -a
FreeBSD wkstn-fbsd-ngie 11.0-CURRENT FreeBSD 11.0-CURRENT #14 r283337+9c333ed(isilon-atf): Tue May 26 21:52:48 PDT 2015 ngie@wkstn-fbsd-ngie:/usr/obj/usr/src/sys/GENERIC-WITHOUT-WITNESS amd64
% cat /etc/exports
/home/ngie/XXX -maproot=0:0 -alldirs
/scratch -maproot=0:0
/usr/src -maproot=0:0 -alldirs
/usr/ports -maproot=0:0 -alldirs
/usr/ports/distfiles -maproot=0:0 -alldirs
[root@wkstn-fbsd-ngie /home/ngie]# showmount -e
Exports list on localhost:
/usr/src Everyone
/usr/ports/distfiles Everyone
/usr/ports Everyone
/home/ngie/XXX Everyone
/scratch Everyone
% mkdir /mnt/tmp
# THE FOLLOWING SHOULD NOT WORK -- it should fail with `Permission denied`
% mount localhost:/home/ngie /mnt/tmp
% ls /mnt/tmp
(... A whole lot of files get dumped out... )
% echo 'abcdefgh' > foobar
% ls -l foobar
-rw-r--r-- 1 root ngie 9 Sep 17 17:56 foobar
% ls -l /mnt/tmp/foobar
-rw-r--r-- 1 root ngie 9 Sep 17 17:56 /mnt/tmp/foobar
% df -h .
Filesystem Size Used Avail Capacity Mounted on
root/home 319G 88G 231G 28% /home
% umount /mnt/tmp
% mount localhost:/etc /mnt/tmp
[tcp] localhost:/etc: Permission denied
[tcp6] localhost:/etc: Permission denied
Likely a FreeBSD FS bug. I have 9.3/10.2/a more recent version of CURRENT installed on a few different machines at home (some with and some without ZFS). I'll try and repro this issue there.
The -alldirs flag allows all directories within the file system to be mounted. If the directory specified in the path isn't the root of the file system, then that will include directory paths above the directory.

Note that "showmount" uses the Mount protocol and there is no way to express "-alldirs" for it, so showmount can only show the path in the /etc/exports line.

Here is the snippet from "man exports":

The second is to specify the pathname of the root of the file system followed by the -alldir flag; this form allows the host(s) to mount at any point within the file system, including regular files if the -r option is used on mountd(8).

Although the man page says "root of the file system", mountd does not enforce this. I am assuming that /home/ngie is the same file system as /home/ngie/XXX.

Please close this bug unless you still feel that mountd is not providing the semantics expressed in "man exports" above.
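Added example, not part of the thread and not FreeBSD code: a small audit that flags -alldirs exports whose path is not a file system root, and models which mount requests the semantics described above would allow. The function names and the mount table are assumptions (only /home is taken from the df output in the report), and host restrictions are ignored.

```python
import posixpath

# /etc/exports from the report above.
EXPORTS = """\
/home/ngie/XXX -maproot=0:0 -alldirs
/scratch -maproot=0:0
/usr/src -maproot=0:0 -alldirs
/usr/ports -maproot=0:0 -alldirs
/usr/ports/distfiles -maproot=0:0 -alldirs
"""
# Constructed mount table: /home comes from the df output in the report;
# the remaining entries are assumptions made for this example.
MOUNTS = ["/", "/home", "/scratch", "/usr/src", "/usr/ports", "/usr/ports/distfiles"]

def parse_exports(text):
    """Yield (paths, flags) per line; ignores hosts and backslash continuations."""
    for raw in text.splitlines():
        tokens = raw.split("#", 1)[0].split()
        if tokens:
            yield ([posixpath.normpath(t) for t in tokens if t.startswith("/")],
                   [t for t in tokens if t.startswith("-")])

def fs_root(path, mounts):
    """Longest mount point containing path, compared component by component."""
    path = posixpath.normpath(path)
    inside = [m for m in mounts if path == m or path.startswith(m.rstrip("/") + "/")]
    return max(inside, key=len, default="/")

def widened(text, mounts):
    """(exported path, effective root) for -alldirs lines not at a file system root."""
    return [(p, fs_root(p, mounts)) for paths, flags in parse_exports(text)
            if "-alldirs" in flags for p in paths if fs_root(p, mounts) != p]

def mountable(target, text, mounts):
    """Model of the semantics above: exact path, or same file system as -alldirs."""
    target = posixpath.normpath(target)
    for paths, flags in parse_exports(text):
        for p in paths:
            if target == p or ("-alldirs" in flags and
                               fs_root(target, mounts) == fs_root(p, mounts)):
                return True
    return False

if __name__ == "__main__":
    for path, root in widened(EXPORTS, MOUNTS):
        print(f"{path}: -alldirs exposes all of {root}")
    for t in ("/home/ngie", "/etc", "/scratch/sub"):
        print(t, "mountable" if mountable(t, EXPORTS, MOUNTS) else "denied")
```

On a real host the mount table would come from the system's own list of mounted file systems rather than a hard-coded list.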
I've been using FreeBSD for over a decade, but missed this nuance. I'm not sure that it's the right behavior, but it's documented at least. Closing.