On Wed, May 30, 2018 at 05:33:11AM -0500, Goldwyn Rodrigues wrote: > I am not trying to override the security. I am trying to detect > duplication of security information. The common case of NFS > communication does not require the additional security parameters > (doesn't mean it is not required). So my question is: is it possible to > detect at the client that nfs4_acl is a duplicate of information which > can be and is represented by inode alone. If yes, can it be suppressed > by the client. No, that's not possible. The user's identity could be mapped in various ways. You've got no way to know whether root squashing is in effect, for example. Or to know what the user@xxxxxxxxxxx krb5 identity that you're running as might map to on the server. So it's hard to even tell whether a given user matches the file's owner or group. So even the mode bits are kind of meaningless to the client. --b. -- To unsubscribe from this list: send the line "unsubscribe linux-unionfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
