[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-nfs
Subject: Re: [NFS] [PATCH 06/11] nfs-utils: mount: AUTH_NONE mounts
From: Neil Brown <neilb () suse ! de>
Date: 2007-02-28 23:08:17
Message-ID: 17894.2913.850879.838771 () notabene ! brown
[Download RAW message or body]
On Tuesday February 27, staubach@redhat.com wrote:
> Neil Brown wrote:
> > On Monday February 26, SteveD@redhat.com wrote:
> >
> >> commit 0ffd74c990aca3761b79316d47e1b1778273681c
> >> Author: Steve Dickson <steved@redhat.com>
> >> Date: Sat Feb 24 15:27:46 2007 -0500
> >>
> >> Added support to specify the AUTH_NONE security flavor (i.e. -o sec=none)
> >>
> >
> > If you specify "-o sec=none" then data.pseudoflavor will == AUTH_NONE,
> > but
> >
> >
>
> This support is being added so that the client can mount a file system
> which was exported with sec=none.
Ok, so the Changelog comment could be improved...
>
> This loop is looking for AUTH_NONE in the list of authentication
> flavors that the server supports and was returned through the MOUNT
> protocol during mounting.
>
> Basically, if the server file system is exported with AUTH_NONE, then
> it doesn't matter what flavor that the client chooses, the server will
> always map it to AUTH_NONE and all requests will be processed with the
> anonymous uid and gid.
I still don't understand (sorry if I am being dense).
Surely a server could export a filesystem as AUTH_NONE or AUTH_UNIX or
krbi. And it could matter a lot what auth the client uses because if
it uses AUTH_NONE it would have access to many fewer files than
e.g. AUTH_UNIX.
And surely if I mount with "-o sec=krbi", and the server only supports
AUTH_NONE, then the mount should fail. But with the patch as given, I
think it will succeed. What am I missing?
What exactly is the situation where the current code does the wrong
thing, and the new code does the right thing?
Thanks,
NeilBrown
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic