On Fri, 2013-07-19 at 17:06 -0400, andros@xxxxxxxxxx wrote:
> From: Andy Adamson <andros@xxxxxxxxxx>
>
> pNFS data servers are not mounted in the normal sense as there is no associated
> nfs_server structure.
> Commit 4edaa308 "NFS: Use "krb5i" to establish NFSv4 state whenever possible"
> uses the nfs_client cl_rpcclient for all state management operations, and
> will use krb5i or auth_sys with no regard to the mount command authflavor
> choice. For normal mounted servers, the nfs_server client authflavor is used
> for all non-state management operations
>
> Data servers also need to use the same authflavor as the MDS mount for
> non-state management operations. Add a strut rpc_clnt to struct nfs_client for
> data server connections.
Is that sufficient? As far as I can tell, there is nothing that states
that the data servers must use the same security mechanism for all the
files?
In fact, section 13.12 specifically mentions that the data servers have
to support SECINFO_NO_NAME to allow clients to figure out what to use
for a given DS filehandle.
--
Trond Myklebust
Linux NFS client maintainer
NetApp
Trond.Myklebust@xxxxxxxxxx
www.netapp.com
��.n��������+%�������w��{.n�����{��w����jg���������ݢj�����G��������j:+v���w�m������w�������h�����٥
