J. Bruce Fields wrote:
On Thu, Aug 07, 2008 at 02:23:40PM -0400, Peter Staubach wrote:
J. Bruce Fields wrote:
From: J. Bruce Fields <bfields@xxxxxxxxxxxxxx>
RFC 2623 section 2.3.2 permits the server to bypass gss authentication
checks for certain operations that a client may perform when mounting.
In the case of a client that doesn't have some form of credentials
available to it on boot, this allows it to perform the mount unattended.
(Presumably real file access won't be needed until a user with
credentials logs in.)
Being slightly more lenient allows lots of old clients to access
krb5-only exports, with the only loss being a small amount of
information leaked about the root directory of the export.
This affects on v2 and v3; v4 still requires authentication for all
access.
Signed-off-by: J. Bruce Fields <bfields@xxxxxxxxxxxxxx>
---
fs/nfsd/nfs3proc.c | 5 +++--
fs/nfsd/nfsfh.c | 30 ++++++++++++++++++++----------
fs/nfsd/nfsproc.c | 6 ++++--
fs/nfsd/vfs.c | 4 ++--
include/linux/nfsd/nfsd.h | 3 ++-
5 files changed, 31 insertions(+), 17 deletions(-)
I intend to submit this for 2.6.28
diff --git a/fs/nfsd/nfs3proc.c b/fs/nfsd/nfs3proc.c
index 4d617ea..1419142 100644
--- a/fs/nfsd/nfs3proc.c
+++ b/fs/nfsd/nfs3proc.c
@@ -530,7 +530,7 @@ nfsd3_proc_fsstat(struct svc_rqst * rqstp, struct nfsd_fhandle *argp,
dprintk("nfsd: FSSTAT(3) %s\n",
SVCFH_fmt(&argp->fh));
- nfserr = nfsd_statfs(rqstp, &argp->fh, &resp->stats);
+ nfserr = nfsd_statfs(rqstp, &argp->fh, &resp->stats, 0);
fh_put(&argp->fh);
RETURN_STATUS(nfserr);
}
@@ -558,7 +558,8 @@ nfsd3_proc_fsinfo(struct svc_rqst * rqstp, struct nfsd_fhandle *argp,
resp->f_maxfilesize = ~(u32) 0;
resp->f_properties = NFS3_FSF_DEFAULT;
- nfserr = fh_verify(rqstp, &argp->fh, 0, NFSD_MAY_NOP);
+ nfserr = fh_verify(rqstp, &argp->fh, 0,
+ NFSD_MAY_NOP | NFSD_MAY_BYPASS_GSS_ON_ROOT);
/* Check special features of the file system. May request
* different read/write sizes for file systems known to have
I would think that you might want to have nfsd3_proc_getattr()
in this list too. Some clients may need to generate a GETATTR
if they need the attributes for the root node.
Do you know of any? rfc 2623 makes it sound like those clients are out
of luck. And testing confirms that this patch is sufficient for the
linux client, at least.
I believe that the Solaris client may. I think that it may
use the attributes returned from the FSINFO call, if there
are any, to prevent the additional GETATTR, but this should
be tested. It might also be interesting to test out a
readonly failover mount on the Solaris client to see what
behavior that that exhibits.
ps
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html