From: "J. Bruce Fields" <bfields@fieldses.org>
To: Steve Dickson <SteveD@redhat.com>
Cc: Linux NFS Mailing list <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH 0/2] Support for Numeric Representations of UIDs and GIDs.
Date: Wed, 18 Aug 2010 15:17:27 -0400 [thread overview]
Message-ID: <20100818191726.GF13050@fieldses.org> (raw)
In-Reply-To: <4C6C3000.5010003@RedHat.com>
On Wed, Aug 18, 2010 at 03:09:52PM -0400, Steve Dickson wrote:
>
>
> On 08/18/2010 02:20 PM, J. Bruce Fields wrote:
> > On Tue, Aug 17, 2010 at 03:38:43PM -0400, Steve Dickson wrote:
> >> In recent NFS v2/v3 to v4 transitions, one of the sticking
> >> points have been that fact v4 uses strings in the format
> >> of "user@domain" instead of 32bit integers for uids and
> >> gids.
> >>
> >> When the string can not be mapped, its mapped to the 'nobody'
> >> user which is not optimal for things like backup servers and
> >> such where the ids will not be know by both sides.
> >>
> >> So this patch series enables the server to send out numeric
> >> string of uids and gids that do not have the '@domain' part.
> >> The series also adds functionality to the client that parse these
> >> type of strings and will use the numeric representation
> >> of the ids iff the id exists on the client, which is
> >> sightly different that Solaris. Solaris dose not have that
> >> "id must exist" restriction.
> >
> > Why did you decide to impose that restriction?
> I just thought it made sense, from a security standpoint to make sure the
> ids were at least valid on the client... if they are not valid the id
> becomes 'nobody' which how it works today... but is different than how
> OpenSolaris does it... they just use whatever the server tells to...
If we don't have a strong reason to do something different, let's just
do the same as OpenSolaris and save any restrictions for the
client-to-server (acl/owner-setting) path.
--b.
next prev parent reply other threads:[~2010-08-18 19:19 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-17 19:38 [PATCH 0/2] Support for Numeric Representations of UIDs and GIDs Steve Dickson
2010-08-17 19:38 ` [PATCH 1/2] Teach clients to map numeric strings into valid uids and gids Steve Dickson
2010-08-17 20:27 ` Trond Myklebust
2010-08-17 21:35 ` Steve Dickson
2010-08-17 21:47 ` Trond Myklebust
2010-08-17 22:07 ` Steve Dickson
2010-08-17 22:13 ` Trond Myklebust
2010-08-17 22:25 ` Steve Dickson
2010-08-17 19:38 ` [PATCH 2/2] Add server support to use of numeric strings for uid " Steve Dickson
2010-08-17 20:28 ` Trond Myklebust
2010-08-17 19:51 ` [PATCH 0/2] Support for Numeric Representations of UIDs and GIDs Tom Haynes
2010-08-17 20:04 ` Steve Dickson
[not found] ` <4C6AEB43.5080508-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2010-08-17 20:30 ` Tom Haynes
2010-08-18 18:20 ` J. Bruce Fields
2010-08-18 19:09 ` Steve Dickson
2010-08-18 19:17 ` J. Bruce Fields [this message]
2010-08-18 19:23 ` Trond Myklebust
[not found] ` <1282159391.8540.90.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2010-08-18 19:33 ` Steve Dickson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100818191726.GF13050@fieldses.org \
--to=bfields@fieldses.org \
--cc=SteveD@redhat.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.