From: Steve Dickson <SteveD@redhat.com>
To: "J. Bruce Fields" <bfields@fieldses.org>,
Chuck Lever <chuck.lever@oracle.com>
Cc: Neil Brown <neilb@suse.de>,
Linux NFS Mailing List <linux-nfs@vger.kernel.org>,
Simo Sorce <simo@redhat.com>
Subject: Re: [PATCH/RFC: nfs-utils] Common systemd unit files for nfs-utils.
Date: Mon, 10 Feb 2014 15:50:41 -0500 [thread overview]
Message-ID: <52F93BA1.9060505@RedHat.com> (raw)
In-Reply-To: <20140206161917.GB14575@fieldses.org>
On 02/06/2014 11:19 AM, J. Bruce Fields wrote:
> On Thu, Feb 06, 2014 at 11:09:58AM -0500, Chuck Lever wrote:
>>
>> On Feb 5, 2014, at 8:27 PM, NeilBrown <neilb@suse.de> wrote:
>>> I certainly agree with making things simple. If we can make a configuration
>>> irrelevant, e.g. by gets nfsd to auto-tune the number of threads so the
>>> setting becomes pointless, then I've very happy to remove that sort of
>>> configuration. But if a configuration option actually means something I
>>> certainly don't want to remove it.
>>>
>>> So I'm leaning towards having "systemctl {un,}mask rpc-gssd" be the
>>> configuration tool for rpc.gssd.
>>
>> I like that better than the “off-until-requested” behavior we have currently. IMO folks who want to disable rpc.gssd will be in the increasing minority and the rest of the world will take scant notice of the extra daemon, as long as we ensure it speaks only when necessary.
>
> I'd also prefer running the gssd's by default: one less (confusing) step
> to set up kerberos, and I'm not seeing a realistic security risk.
I'm not for starting daemon that are not needed or necessary. I
just think that is a bad design.
>
> If we can easily provide a way to turn it off for people that want a
> really stripped-down system for whatever reason, fine, let's provide
> that.
I'm thinking just the opposite... Have a way to easily (or even
automatically) way to enabled NFS security.... when needed...
Would it make it easier if we combined the gssd daemon? That goes
both ways (server and client)... That way we could just enable
nfs security and the daemon would started regardless on what side
its on...
steved.
next prev parent reply other threads:[~2014-02-10 20:50 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-30 6:24 [PATCH/RFC: nfs-utils] Common systemd unit files for nfs-utils NeilBrown
2014-01-30 15:04 ` Weston Andros Adamson
2014-01-30 17:56 ` Weston Andros Adamson
2014-01-30 18:52 ` J. Bruce Fields
2014-01-30 22:50 ` NeilBrown
2014-01-30 23:17 ` Jim Rees
2014-01-30 20:06 ` Steve Dickson
2014-01-30 22:14 ` NeilBrown
2014-01-31 15:19 ` Steve Dickson
2014-01-31 16:15 ` Steve Dickson
2014-02-03 21:01 ` Steve Dickson
2014-02-03 22:34 ` NeilBrown
2014-02-04 16:20 ` J. Bruce Fields
2014-02-04 16:30 ` Chuck Lever
2014-02-04 19:00 ` Steve Dickson
2014-02-06 12:32 ` Simo Sorce
2014-02-05 3:09 ` NeilBrown
2014-02-05 15:56 ` Chuck Lever
2014-02-06 1:27 ` NeilBrown
2014-02-06 12:15 ` Simo Sorce
2014-02-06 16:09 ` Chuck Lever
2014-02-06 16:19 ` J. Bruce Fields
2014-02-10 20:50 ` Steve Dickson [this message]
2014-02-11 4:50 ` NeilBrown
2014-02-11 12:38 ` Steve Dickson
2014-02-11 16:37 ` J. Bruce Fields
2014-02-11 16:47 ` Steve Dickson
2014-02-11 16:56 ` J. Bruce Fields
2014-02-11 20:12 ` Steve Dickson
2014-02-04 18:26 ` Steve Dickson
2014-02-04 18:48 ` Anthony Messina
2014-02-04 18:54 ` J. Bruce Fields
2014-02-05 3:55 ` NeilBrown
2014-02-11 12:56 ` Steve Dickson
2014-02-05 5:43 ` NeilBrown
2014-02-05 21:11 ` J. Bruce Fields
2014-02-06 0:58 ` NeilBrown
2014-02-13 19:39 ` Steve Dickson
2014-02-04 12:42 ` Anthony Messina
2014-02-04 13:24 ` Jeff Layton
2014-02-04 14:18 ` Anthony Messina
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52F93BA1.9060505@RedHat.com \
--to=steved@redhat.com \
--cc=bfields@fieldses.org \
--cc=chuck.lever@oracle.com \
--cc=linux-nfs@vger.kernel.org \
--cc=neilb@suse.de \
--cc=simo@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.