On Tue, 17 Jun 2008 18:09:18 -0400 "J. Bruce Fields" <bfields@xxxxxxxxxxxx> wrote: > On Tue, Jun 17, 2008 at 05:59:29PM -0400, Trond Myklebust wrote: > > On Tue, 2008-06-17 at 17:36 -0400, J. Bruce Fields wrote: > > > On Mon, Jun 16, 2008 at 10:28:59AM -0400, Jeff Layton wrote: > > > > Has any thought been given to moving all of the rpc_pipefs upcalls to use > > > > the keyctl API that David Howells did? It seems like that would be better > > > > suited to this sort of application than rpc_pipefs... > > > > > > I haven't looked at it. I've just assumed that since Trond and Kevin > > > have both looked at both API's, then there must be some good reason > > > we're not using it.... > > > > Kevin has spent quite some time working on the keyring support, but as > > far as I understand the amount of time he can continue to spend working > > for CITI has recently been heavily reduced... > > Hm, but I thought that you'd both decided that the gssd upcalls would > end up coexisting with the upcalls in any case? > > If there's a chance we might end up replacing the gssd upcalls entirely, > then--while I don't want to stretch out this one task > indefinitely--still it might be worth my time to go take a look at the > keyctl API's Jeff mentions. > If you're interested, there are several examples of upcalls that use this API in CIFS. I used it for the SPNEGO/Kerberos stuff that I did there several months ago. It's pretty easy to use and can handle a fairly large payload if needed. When it does the upcall, it runs a particular program, so there's no need for a running daemon. That might be considered a good thing here since it may be one less thing that a user has to remember to have running... -- Jeff Layton <jlayton@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
