On Tue, 2011-08-30 at 13:24 -0700, Boaz Harrosh wrote: > On 08/30/2011 01:00 PM, Chuck Lever wrote: > <> > >> > >> Won't the above check be rather expensive? You'll need to do a > >> getxattr call on almost every path component of every lookup, > >> right? > >> > >> I may be misremembering your talk from connectathon, but I thought > >> you were planning to use a well-known mode for junctions that would > >> cut down on the number of unnecessary getxattrs... > > > > Yes, that's the plan. To reduce overhead, the S_ISVTX bit must be > > set before NFSD does the expensive xattr test. ...and mode bits otherwise set to 0 so nobody can access the mounted-on directory. > from: stat(2) - Linux man page > > The 'sticky' bit (S_ISVTX) on a directory means that a file in that > directory can be renamed or deleted only by the owner of the file, > by the owner of the directory, and by a privileged process. > > Please explain how does it work? Once the junction is followed and > mounted then the mode-bits get changed to the destination directory's > mode bits? So the Server's junction mode-bits are never exposed, except > in a local-fs file access on the server? Yes. -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust@xxxxxxxxxx www.netapp.com -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
