"The Linux Gazette...making Linux just a little more fun!"


(?) The Answer Guy (!)


By James T. Dennis, tag@lists.linuxgazette.net
LinuxCare, http://www.linuxcare.com/


(?) Loopback (localhost) NFS Mounting for FTP

From Mark S. Turczan on Sun, 02 May 1999

(?) James,

Would you know of a way to setup a loopback mount within a /home/ftp hierarchy?

Or could you provide a better method to achieve the following?

I've got a set of disks setup under software raid, and I've mounted them under /mnt/raid. What I'd like to do is include a link from a directory under /home/pub/Archive to the actual files under /mnt/raid/Archive. I've tried doing this with a symbolic link, but it doesn't seem to resolve it when I connect through ftp.

(!) When you connect as "anonymous" or "ftp" through the conventionally configure FTP service, or as any member of a "guestgroup" to a WU-FTP daemon, you are in a chroot jail. This is intended to prevent you (an FTP client) from wandering around the filesystem peeking into things where you don't belong (as an anonymous or guest user).
Naturally symbolic links don't pierce through a chroot wall.
It's possible to configure your system to act as an NFS server and client (concurrrently) and to export a directory tree (presumably in read-only mode) to yourself.
This is one of several tricks that is referred to as a "loopback mount" (not to be confused with the mount -o loop=... option which is a way of mounting a file image as a filesystem). In this case you're doing a perfectly normal NFS export, and a perfectly normal NFS mount. The only oddity is that the export and mount are on the same machine and are going through the loopback network interface.
So you put a line in your /etc/exports file like:
/mnt/raid/ftparea 127.0.0.1(ro,insecure)
... and possibly some lines like:
/mnt/raid/ftparea/no/ (noaccess)
(to define a set of subdirectories under the exported directory tree to which you want to deny access).
... and then you use a command like:
mount -t nfs 127.0.0.1:/mnt/raid/ftparea /home/ftp/home
... or whatever.
Personally I think it's horrible kludge. But I've done things sort of like this and it does work.

(?) Thanks for any help you can offer.
--
Mark Turczan

(!) Hope that makes sense.


Copyright © 1999, James T. Dennis
Published in The Linux Gazette Issue 42 June 1999
HTML transformation by Heather Stern of Starshine Techinical Services, http://www.starshine.org/


[ Answer Guy Index ] 1 2 3 4 5 6
7 8 9 10 11 12
13 14 15 16 17 18
19 20 21 22 23 24


[ Table Of Contents ] [ Front Page ] [ Previous Section ] [ Next Section ]