Peeking under mount points with NFS

May 5, 2006

Normally, one of NFS's irritating features is that when you mount a filesystem from a server, you don't automatically get access to any sub-filesystems mounted on that filesystem; you have to know about them and mount them yourself.

(Yes, yes, some NFS servers offer features to do this for you; such features have their own problems.)

But there's an old sysadmin trick that turns this into a feature. If you NFS mount a filesystem, such as /, you can see inside directories covered up by active mount points. If you're evil, you can write things there too. Because this is just NFS, you can do it while the system is up in regular multiuser mode without having to perturb it.

The usual situations I've wound up needing this are:

  • something accidentally scribbles into a 'filesystem' that isn't mounted at the time, and it needs to be cleaned up. This usually happens either during early boot or during system maintenance when I make a mistake and don't notice it until later.
  • I need to plant strategic files into the root filesystem to fake having a filesystem mounted; for example, I might need a /var/tmp that still exists before /var is mounted, or need a few device nodes to be in /dev before the dynamic /dev filesystem gets mounted.

(The other not to be discounted peculiar sysadmin use for NFS mounts is that it bypasses all of the usual rootkit infrastructure used to hide files from user-level programs. Most of those modify either user level shared libraries or system call entry points, both of which kernel NFS servers bypass.)

Comments on this page:

By Alan at 2015-03-08 05:05:58:

I don't know if it worked in 2006, but I've used bind mounts for this on Linux.

Bind mounts can do a couple of things you'd otherwise have to self-nfs mount for. (Which I'm sure I've read as being used. Albeit not necessarily recommended. At the time, NFS on linux was known to risk deadlocks, when mounted on the server).

Written on 05 May 2006.
« A subtle advantage of simple wikis
Link: Readable colour text combinations »

Page tools: View Source, View Normal, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Fri May 5 00:33:13 2006
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.