On 2011-11-18 22:33 +0200, Trond Myklebust wrote: > On Fri, 2011-11-18 at 20:19 +0100, John Hughes wrote: > > On 11/18/2011 07:35 PM, Trond Myklebust wrote: > > > On Fri, 2011-11-18 at 15:34 +0100, John Hughes wrote: > > > > > >> Description: Add "-e" (ticket expiry is error) option to rpc.gssd > > >> In kernels starting around 2.6.34 the nfs4 server will block all I/O > > >> when a user ticket expires. In earlier kernels the I/O would fail > > >> with an EACCESS error. This patch adds a "-e" option to rpc.gssd > > >> which allow the earlier behaviour (EKEYEXPIRED is converted to > > >> EACCESS). This behaviour is particularly useful when user home > > >> directories are nfs4 mounted with krb5 security - if the user is > > >> absent from their workstation for long enough for the ticket to > > >> expire a new ticket will be obtained (via pam_krb5) by the screen > > >> unlock process. > > >> > > > You need a big fat warning somewhere that enabling this option WILL > > > cause data corruption... > > > > > Why? > > > > Because some process may get the EACCES error half way through it's > > operation. > > No. Because the process can receive a reply to the write() syscall that > indicates that the data is safe, but the EKEYEXPIRED error will cause > the data to be lost when the client tries to actually commit the data to > disk. But on a local disk, a successful return from the write syscall doesn't mean "the data is safe". It seems odd to me that NFS should provide this guarantee while a local disk does not. Is this guarantee documented anywhere? Cheers, -- Nick Bowler, Elliptic Technologies (http://www.elliptictech.com/) -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
