Re: Possible to make nfs aware of a inotify watch has been set.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2012-11-29 at 10:22 -0500, simo wrote:
> On Thu, 2012-11-29 at 15:49 +0100, Stef Bon wrote:
> > 2012/11/29 Myklebust, Trond <Trond.Myklebust@xxxxxxxxxx>:
> > >> -----Original Message-----
> > >>
> > >> 1. while the filesystems are using credentails or tickets to get access to a
> > >> remote resource, this is a bit difficult for notifyfs.
> > >> Notifyfs bypasses that. Maybe this leads to permissions/abuse I cannot see
> > >> directly.
> > >
> > > Lack of security is a showstopper. There are good reasons why inotify won't allow you to monitor files for which you don't have access permissions.
> > >
> > 
> > Let me explain, I think you not understand fully.
> > 
> > Notifyfs does not allow users/clients to set a watch if there are no
> > read permissions (the object and access for the whole path to it), so
> > there are no security issues there.
> > 
> > What I mean is that any program can contact the remote notifyfs
> > server, and this remote notifyfs server cannot figure out it's a valid
> > request from another notifyfs server, or a program faking that.
> > In the construction I describe it does not check that (yet).
> > 
> > >>
> > >> What do you think, is the latest option possible??
> > >
> > > So what is the killer app for inotify on NFS/CIFS/FUSE? What programs do you need to run on a NFS/CIFS/FUSE client that use inotify and that wouldn't be better off running on the server instead?
> > >
> > 
> > What do you mean with "better off running on the server instead"?
> > There are a lot of programs interested in fs changes, like a simple
> > file manager. I think it's a very nice feature to see changes right
> > away in the view.
> > It's not a killer app, but a think the whole user experience is
> > improving when your system is able to keep a view (like a view in the
> > file manager) up to date.
> > 
> > > IOW: whose problem are you trying to solve?
> > 
> > I think that enabling fs notify on network filesystems like nfs, cifs
> > and fuse is a good thing (see above). On systems like Windows and iOS
> > since long time this works.
> 
> CIFS has notification capabilities built in (oplocks), as does NFS
> (leases), is this not sufficient ?

NFSv4.1 actually has directory notifications which duplicate most of the
functionality of dnotify. The question I'm asking is "Why should we do
it?", not "can we do it?".

Answers like "well Windows and iOS do it" aren't helpful unless they
include a description of what Windows and iOS apps use it for that we
can't already do on Linux.
If the only application is beagle, then Linux has this really helpful
utility called "ssh", which allows you to avoid wasting a load of
network bandwidth...

-- 
Trond Myklebust
Linux NFS client maintainer

NetApp
Trond.Myklebust@xxxxxxxxxx
www.netapp.com
��.n��������+%������w��{.n�����{�����ܨ}���Ơz�j:+v�����w����ޙ��&�)ߡ�a����z�ޗ���ݢj��w�f



[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux