Disclaimer: As Trond knows, I don't like the current "shared cache" implementation, even given the security issue of mounting the same file system with AUTH_SYS and AUTH_GSS. See response below. Trond Myklebust wrote: > On Tue, 2007-05-15 at 08:41 +1000, Neil Brown wrote: >> I think "shared" is an important concept to have in there as it is >> sharing the cache, the connection and the options. For consistency >> with other options, I would have an optional "no" at the front to >> invert the flag. Current nfs options don't have punctuation, so I >> would probably go for something like: >> -o [no]sharedcache >> -o [no]shareconnection >> >> Then comes the question of what the default should be. >> The original default was nosharedcache, but the more recent default >> has been sharedcache. In hindsight it would have been better not to >> change the default, but things are always much clearer in hindsight. >> >> I would lean towards restoring the default to nosharedcache, and >> having to explicitly request sharedcache if you want that, and are >> happy to have the same mount option enforced on all sharing mounts. > > I disagree with that. The default was changed for a very good reason, > namely that people were making assumptions that were wrong: i.e. that > the cache remains consistent when you change the ro/rw flag or try to > mount a subdirectory. > In fact, if you mounted the _same_ directory twice, then the default was > always 'sharedcache'. > > So all we did in 2.6.18, was to make a consistent set of rules for how > this works. > > The default should therefore remain 'sharedcache', preferably returning > an error if the user tries to mix metaphors. There have always been reasonable use cases (OK, well, reasonable to me anyway) for having completely separate options and caches for each NFS mount. Another way to look at this is that "sharedcache" is really giving you "mount --bind" and not just a "mount". Therefore all this can be mimicked in user space. Just kicking it out there: why not revert the kernel back to the previous state of affairs where "nosharedcache" was the default, and then let user space handle sharing or not sharing, documenting clearly what the implications are in the mount(8) or nfs(5) man pages? User space is smart enough to emit a warning about mixing security flavors, for instance, as suggested above.