On Tue, Mar 06, 2018 at 01:09:01PM -0500, Chuck Lever wrote:
> Note that neither of these solutions addresses the largest consumer
> of dynamically-assigned reserved ports: the kernel NFS client. The
> only way we have to address that today is the "noresvport" mount
> option. (We could make that the default for Kerberos mounts).
Makes sense to me.
Looks like knfsd's not helpful here, though: the export option
("secure"/"insecure") defaults to "secure", which always requires a low
port. It should be easy to modify "secure" to mean "require low ports
only for auth_sys/auth_null", and that's probably the right thing to do.
--b.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
