RE: POSIX ACL support for NFSV4 (using sideband protocol)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2009-09-03 at 00:46 -0700, Muntz, Daniel wrote:
> 
> ACLs could possibly be made completely opaque to NFS with a module-based
> approach.
> 
>   -Dan

Something to be aware of here is that once you turn a field opaque you
introduce a bunch of other issues. The MAC attribute that I've been
proposing in the IETF is mostly opaque and it has caused some problems
with interoperability. Some questions to be answered are

1) what is the initial set of modules defined? They aren't going to let
you take an opaque field and run away with it to do as you please. I've
been working on ways to define an initial set of label formats to make
the working group happier.

2) How are you going to specify these modules? It needs to be in a way
that implementors can easily use it. Are these specifications maintained
through the IETF or are they maintained by an outside organization?

3) How do modules translate between themselves. Are you going to only
allow like ACL modules to communicate? Will you have a mechanism for
those with ACL type A to still use a system with ACL type B? Will a
server be able to support both ACL type A and B? What happens if you
want both a Windows NFSv4 client and a Linux NFSv4 client to use the
same shares?

These are just some ideas to think about when you decide to make this
opaque.

Dave



--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux