All of lore.kernel.org
 help / color / mirror / Atom feed
From: Steve Dickson <SteveD@redhat.com>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: "Myklebust, Trond" <Trond.Myklebust@netapp.com>,
	Linux NFS Mailing List <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH] Adding the nfs4_secure_mounts bool
Date: Mon, 11 Nov 2013 13:59:23 -0500	[thread overview]
Message-ID: <5281290B.6000201@RedHat.com> (raw)
In-Reply-To: <E520DD5F-7E5A-4B6C-9FF6-6B74DA36FD1E@oracle.com>

On 11/11/13 13:30, Chuck Lever wrote:
> 
> On Nov 11, 2013, at 1:06 PM, Steve Dickson <SteveD@redhat.com> wrote:
> 
>>
>>
>> On 09/11/13 18:12, Myklebust, Trond wrote:
>>> One alternative to the above scheme, which I believe that I’ve 
>>> suggested before, is to have a permanent entry in rpc_pipefs 
>>> that rpc.gssd can open and that the kernel can use to detect 
>>> that it is running. If we make it /var/lib/nfs/rpc_pipefs/gssd/clnt00/gssd, 
>>> then AFAICS we don’t need to change nfs-utils at all, since all newer 
>>> versions of rpc.gssd will try to open for read anything of the form 
>>> /var/lib/nfs/rpc_pipefs/*/clntXX/gssd...
>>
>> After further review I am going going have to disagree with you on this.
>> Since all the context is cached on the initial mount the kernel
>> should be using the call_usermodehelper() to call up to rpc.gssd 
>> to get the context, which means we could put this upcall noise 
>> to bed... forever! :-)
> 
> Ask Al Viro for his comments on whether the kernel should start 
> gssd (either a daemon or a script).  Hint: wear your kevlar underpants.
I was thinking gssd would become a the gssd-cmd command... Al does not
like the call_usermodehelper() interface?

> 
> Have you tried Trond's approach yet?
Looking into it... But nothing is trivial in that code... 

> 
>> I realize this is not going happen overnight, so I would still
>> like to propose my  nfs4_secure_mounts bool patch as bridge
>> to the new call_usermodehelper()  since its the cleanest 
>> solution so far... 
>>
>> Thoughts?
> 
> We have workarounds already that work on every kernel since 3.8.
> 
The one that logs 5 to 20 lines (depending on thins are setup or not)
per mount? That does work in some environments but no all. ;-)
Or am I missing one? Please tell me I am!!! :-) 

steved.

  reply	other threads:[~2013-11-11 18:58 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-11-09 22:47 [PATCH] Adding the nfs4_secure_mounts bool Steve Dickson
2013-11-09 23:12 ` Myklebust, Trond
2013-11-10 22:31   ` Steve Dickson
2013-11-10 22:45     ` Myklebust, Trond
2013-11-11 13:00       ` Steve Dickson
2013-11-11 18:06   ` Steve Dickson
2013-11-11 18:25     ` Myklebust, Trond
2013-11-11 18:43       ` Steve Dickson
2013-11-11 18:53         ` Myklebust, Trond
2013-11-11 19:05           ` Steve Dickson
2013-11-11 19:21             ` Myklebust, Trond
2013-11-11 18:30     ` Chuck Lever
2013-11-11 18:59       ` Steve Dickson [this message]
2013-11-11 20:33         ` Chuck Lever
2013-11-11 21:13           ` Steve Dickson
2013-11-11 21:47             ` Chuck Lever
2013-11-11 23:00               ` Steve Dickson
2013-11-12 16:09                 ` Chuck Lever
2013-11-12 16:24                   ` Steve Dickson
2013-11-12 16:46                     ` Chuck Lever
2013-11-12 16:52                       ` Steve Dickson
2013-11-12 16:10                 ` J. Bruce Fields
2013-11-12  5:11           ` NeilBrown
2013-11-12  5:29             ` Myklebust, Trond
2013-11-12 16:16               ` J. Bruce Fields
2013-11-13  0:23                 ` NeilBrown
2013-11-13  0:30                   ` Myklebust, Trond
2013-11-13  1:13                     ` NeilBrown
2013-11-13  1:26                       ` Myklebust, Trond
2013-11-14  1:05                         ` NeilBrown
2013-11-14  1:07                         ` [PATCH - nfs-utils] gssd: always reply to rpc-pipe requests from kernel NeilBrown
2013-11-14 13:34                           ` Jeff Layton
2013-11-20 21:21                           ` Steve Dickson
2013-11-13  3:46                   ` [PATCH] Adding the nfs4_secure_mounts bool J. Bruce Fields
2013-11-13  4:15                     ` Myklebust, Trond
2013-11-14  1:10                       ` NeilBrown

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5281290B.6000201@RedHat.com \
    --to=steved@redhat.com \
    --cc=Trond.Myklebust@netapp.com \
    --cc=chuck.lever@oracle.com \
    --cc=linux-nfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.