On Wed, 2012-11-14 at 22:14 -0800, Eric W. Biederman wrote:
> "J. Bruce Fields" <bfields@xxxxxxxxxxxx> writes:
>
> > On Wed, Nov 14, 2012 at 09:51:33PM +0000, Myklebust, Trond wrote:
> >> On Wed, 2012-11-14 at 16:42 -0500, J. Bruce Fields wrote:
> >> > Simo's patches use them for upcalls to svcgssd. Those will always be
> >> > done from server threads.
> >>
> >> Any reason why you can't set that up when you start nfsd?
> >
> > Oh, right, I was thinking of the upcalls themselves--right, the connect
> > we should be able to do on server start, I agree.
> >
> >>
> >> > > If not, then let's just move
> >> > > the AF_LOCAL connection back into the process context and out of rpciod.
> >> >
> >> > Remind me how this helps?
> >>
> >> rpciod shares the 'init' process net namespace and chroot properties.
> >> If, however you call bind() from the (containerised) process that was
> >> used to start nfsd, then you will be using filesystem root (and net
> >> namespace) of that container.
> >
> > Got it.
>
> If you can move the connect and bind into the server start that does
> sound like a very good and maintainable solution. I suspect it might
> even be a smidge better for error handling.
>
> Is there ever a reason to reconnect one of these sockets?
Not for the rpcbind case, however you can easily get into a situation
where the user restarts the gss daemon. The good news is that the gss
upcall code that uses AF_LOCAL hasn't been merged upstream yet, so that
particular interface is not yet locked in stone.
--
Trond Myklebust
Linux NFS client maintainer
NetApp
Trond.Myklebust@xxxxxxxxxx
www.netapp.com
��.n��������+%�������w��{.n�����{��w����jg���������ݢj�����G��������j:+v���w�m������w�������h�����٥
