On Fri, Aug 28, 2009 at 08:53:44AM +0800, Wei Yongjun wrote: > When I test, I just fixed the GSS8 with this patch: > > diff --git a/lib/nfs4/servertests/st_gss.py b/lib/nfs4/servertests/st_gss.py > index 6ad3e3e..dfff598 100644 > --- a/lib/nfs4/servertests/st_gss.py > +++ b/lib/nfs4/servertests/st_gss.py > @@ -330,4 +330,5 @@ def testBadService(t, env): > "should return AUTH_BADCRED, instead got %s" % > (service, e)) > finally: > + orig.gss_seq_num = c.security.gss_seq_num > c.security = orig It might make sense just to apply something like this to upstream pynfs. The choice of whether to increment the sequence id here isn't obvious, but I actually think the server's more likely to be right (the rfc says to increment when the checksum is succesfully verified, which it was in this case. At that point we know the contents of the header are what the client intended.) --b. > > > I am not have a test of all the case with --security=krb5, just test > the gss. This is because the krb server does not always works well.^_^ > > > > (This is the problem with spending a lot of time on pynfs tests. > > They've been useful for catching regressions, but there's a risk of > > spending too much time tracking down "problems" that won't actually show > > up in real situations. Time would usually be better spent on bugs > > (and/or performance problems) found in actual use.) > > > > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html