linux-nfs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: NeilBrown <neilb@suse.de>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Steve Dickson <SteveD@RedHat.com>,
	Linux NFS Mailing list <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH 0/5 v2] nfs-utils: provide audit-logging of NFSv4 access
Date: Fri, 19 Mar 2021 14:36:24 +1100	[thread overview]
Message-ID: <87y2ejerwn.fsf@notabene.neil.brown.name> (raw)
In-Reply-To: <20210302032733.GC16303@fieldses.org>

[-- Attachment #1: Type: text/plain, Size: 1585 bytes --]

On Mon, Mar 01 2021, J. Bruce Fields wrote:

> On Tue, Mar 02, 2021 at 02:01:36PM +1100, NeilBrown wrote:
>> On Mon, Mar 01 2021, J. Bruce Fields wrote:
>> 
>> > I've gotten requests for similar functionality, and intended to
>> > implement it using directory notifications on /proc/fs/nfsd/clients.
>> 
>> I've been exploring this a bit.
>> When I mount a filesystem, 2 clients get created.
>> With NFSv4.0, the second client is immediately deleted, and the first
>> client is deleted one grace period after the filesystem is unmounted.
>> With NFSv4.1 and 4.2, the first client is immediately deleted, and the
>> second client is deleted immediately after the unmount.
>
> Yeah, internally it's creating an "unconfirmed client" on SETCLIENTID
> (or EXCHANGE_ID) and then a new "confirmed client" on
> SETCLIENTID_CONFIRM (or CREATE_SESSION).
>
> I'm not sure why the ordering's a little different between the 4.0/4.1+
> cases.

The multiple clients are not really nfsd's "fault".  The Linux NFS
client sends multiple EXCHANGE_ID or SET_CLIENT_ID requests, so NFSD
really does need to create multiple clients.

For NFSv4.0, when nfsd gets a repeat SET_CLIENT_ID, it keeps the old one
and discards the new.
For NFSv4.1, the spec requires that it keep the new one and discard the
old.
This explains the different ordering.

So the clean up the logging, mountd needs to be able to see the
confirmation status.
Following this reply will be a patch to nfsd to provide this status, and
a patch to mountd/exportd to use this status.

Thanks,
NeilBrown

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 853 bytes --]

  parent reply	other threads:[~2021-03-19  3:37 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-01  2:17 [PATCH 0/5 v2] nfs-utils: provide audit-logging of NFSv4 access NeilBrown
2021-03-01  2:17 ` [PATCH 4/5] mountd: add --cache-use-ipaddr option to force use_ipaddr NeilBrown
2021-03-01  2:17 ` [PATCH 2/5] mountd: Don't proactively add export info when fh info is requested NeilBrown
2021-03-01  2:17 ` [PATCH 1/5] mountd: reject unknown client IP when !use_ipaddr NeilBrown
2021-03-01  2:17 ` [PATCH 5/5] mountd: make default ttl settable by option NeilBrown
2021-03-01  2:17 ` [PATCH 3/5] mountd: add logging for authentication results for accesses NeilBrown
2021-03-01  3:43 ` [PATCH 0/5 v2] nfs-utils: provide audit-logging of NFSv4 access Yongcheng Yang
2021-03-02  2:26   ` NeilBrown
2021-03-01 18:50 ` J. Bruce Fields
2021-03-01 21:59   ` NeilBrown
2021-03-02  3:01   ` NeilBrown
2021-03-02  3:27     ` J. Bruce Fields
2021-03-02  3:49       ` NeilBrown
2021-03-02  4:05         ` J. Bruce Fields
2021-03-19  3:36       ` NeilBrown [this message]
2021-03-19  3:37         ` [PATCH] nfsd: report client confirmation status in "info" file NeilBrown
2021-03-19  3:38           ` [PATCH] mountd/exportd: only log confirmed clients, and poll for updates NeilBrown
2021-03-19 14:15             ` J. Bruce Fields
2021-03-19 20:43               ` NeilBrown
2021-03-19 22:39             ` [PATCH v2] " NeilBrown
2021-03-22 14:30               ` Chuck Lever III
2021-04-07 18:26               ` Steve Dickson
2021-03-19 22:38           ` [PATCH v2] nfsd: report client confirmation status in "info" file NeilBrown
2022-05-18 14:45             ` Chuck Lever III
2022-05-18 15:26               ` Chuck Lever III
2021-03-19 13:28         ` [PATCH 0/5 v2] nfs-utils: provide audit-logging of NFSv4 access J. Bruce Fields
2021-03-19 20:48           ` NeilBrown
2021-03-19 21:09             ` J. Bruce Fields
2021-03-22 17:06               ` J. Bruce Fields
2021-04-07 19:14               ` J. Bruce Fields
2021-04-07 19:33                 ` Steve Dickson
2021-04-07 19:55                   ` J. Bruce Fields

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87y2ejerwn.fsf@notabene.neil.brown.name \
    --to=neilb@suse.de \
    --cc=SteveD@RedHat.com \
    --cc=bfields@fieldses.org \
    --cc=linux-nfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).