On Nov 9, 2013, at 17:47, Steve Dickson <SteveD@xxxxxxxxxx> wrote: > The nfs4_secure_mounts controls whether security > flavors will be tried during the establishing of > NFSv4 state and the pseudoroot lookups. > > This allows security daemon like rpc.gssd to > tell the kernel that secure mounts should be tried. > > To enable secure mounts: > echo "on" > /proc/fs/nfsfs/secure > > To disable secure mounts: > echo "off" > /proc/fs/nfsfs/secure > > Signed-off-by: Steve Dickson <steved@xxxxxxxxxx> Hi Steve, So the rpc.gssd would flip the switch to “on” when it starts up and to “off” when it quits? What if someone does a ‘kill -9’? One alternative to the above scheme, which I believe that I’ve suggested before, is to have a permanent entry in rpc_pipefs that rpc.gssd can open and that the kernel can use to detect that it is running. If we make it /var/lib/nfs/rpc_pipefs/gssd/clnt00/gssd, then AFAICS we don’t need to change nfs-utils at all, since all newer versions of rpc.gssd will try to open for read anything of the form /var/lib/nfs/rpc_pipefs/*/clntXX/gssd... Cheers Trond-- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
