When someone deploys kerberized NFS, they usually will quickly run across a major problem. As soon as their credentials expire, all RPCs start failing with -EACCES errors. This makes it really difficult to have any sort of long-running job since you have to proactively kinit before your TGT expires. If you miss doing so, then your job may start getting errors unexpectedly. This patchset represents a first pass at fixing this. The idea here is to distinguish between the situation where someone has an expired credential cache and someone that has no credential cache at all. In the latter case, we want to have the RPC return -EACCES (just like it does today), in the former case we want to return a different error that will make the NFS layer delay and retry the call instead of erroring out (-EKEYEXPIRED). This patchset is for the kernel patches. To make this work, gssd will also need to be fixed to send different errors in these situations. That patch will follow this set. Jeff Layton (4): sunrpc: parse and return errors reported by gssd nfs4: handle -EKEYEXPIRED errors from RPC layer nfs: handle NFSv3 -EKEYEXPIRED errors as we would -EJUKEBOX nfs: handle NFSv2 -EKEYEXPIRED returns from RPC layer appropriately fs/nfs/nfs3proc.c | 9 ++++--- fs/nfs/nfs4proc.c | 11 ++++++++- fs/nfs/nfs4state.c | 1 + fs/nfs/proc.c | 41 ++++++++++++++++++++++++++++++++++++++++ net/sunrpc/auth_gss/auth_gss.c | 11 ++++++++- 5 files changed, 65 insertions(+), 8 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
