On Wed, Nov 14, 2012 at 09:51:33PM +0000, Myklebust, Trond wrote: > On Wed, 2012-11-14 at 16:42 -0500, J. Bruce Fields wrote: > > Simo's patches use them for upcalls to svcgssd. Those will always be > > done from server threads. > > Any reason why you can't set that up when you start nfsd? Oh, right, I was thinking of the upcalls themselves--right, the connect we should be able to do on server start, I agree. > > > > If not, then let's just move > > > the AF_LOCAL connection back into the process context and out of rpciod. > > > > Remind me how this helps? > > rpciod shares the 'init' process net namespace and chroot properties. > If, however you call bind() from the (containerised) process that was > used to start nfsd, then you will be using filesystem root (and net > namespace) of that container. Got it. --b. > > > --b. > > > > > > > > That implies that the process needs to be privileged, but it needs > > > privileges in order to start RPC daemons anyway. > > -- > Trond Myklebust > Linux NFS client maintainer > > NetApp > Trond.Myklebust@xxxxxxxxxx > www.netapp.com -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
