During a NFSv3 mount request, the server returns an array of supported
security flavors.
With a Linux server, exports(5) states:
For the purposes of security flavor negotiation, order counts:
preferred flavors should be listed first.
And the Solaris client states in mount_nfs(1M):
NFS Version 3 mounts negotiate a security mode when the server
returns an array of security modes. The
client picks the first mode in the array that is supported on the
client. In negotiations, an NFS Version 3 client
is limited to the security flavors listed in /etc/nfssec.conf.
The Linux nfs(5) states:
If the sec option is not specified, or if sec=sys is specified, the
NFS client uses the AUTH_SYS
security flavor for all NFS requests on this mount point.
So, I'm trying to understand what the Linux client would do if the
export does not support AUTH_SYS and
there is no sec= supplied.
Does the Linux client traverse the array in order until it finds a match
or does it consider which flavor is strongest?
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
