From: Benny Halevy <bhalevy@panasas.com>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Steve Dickson <steved@redhat.com>,
NFS list <linux-nfs@vger.kernel.org>,
pNFS Mailing List <pnfs@linux-nfs.org>,
Chuck Lever <chuck.lever@oracle.com>
Subject: Re: [PATCH 0/3] nfs-utils: nfsd support for minor version, take 2
Date: Thu, 23 Apr 2009 11:58:28 +0300 [thread overview]
Message-ID: <49F02DB4.50504@panasas.com> (raw)
In-Reply-To: <20090422215458.GL9541@fieldses.org>
On Apr. 23, 2009, 0:54 +0300, "J. Bruce Fields" <bfields@fieldses.org> wrote:
> On Wed, Apr 22, 2009 at 03:06:30PM +0300, Benny Halevy wrote:
>> Following the discussion we had last week
>> (see http://linux-nfs.org/pipermail/pnfs/2009-April/007283.html)
>>
>> I made the following changes:
>> * minorvers4 enabled by default.
>> * No new -n option.
>>
>> This makes minorvers control essentially the same as
>> the major protocol version. minorvers4 is enabled by default
>> and can be disabled using -N 4.1.
>>
>> On Fedora, /etc/sysconfig/nfs can be changed as follows
>> to configure the service startup script to disable 4.1:
>
> Why couldn't nfs-utils just respect the kernel's default and make no
> attempt to set the minor version? A (possibly undocumented) -P 4.1
> option (or some other name) could be used by testers to specify that
> they want 4.1. After things have settled down a little we'd change the
> kernel's default, and then only -N 4.1 would be needed.
It could, and that was pretty much my original intent, which was
criticized by Steve and others for being overly cautious. I agree with
Chuck that the distributions using nfs-utils should decide about the
default and that can be done either way. The difference is for people
upgrading nfs-utils while keeping their old /etc/sysconfig/nfs.
I've no problem with having an option to enable 4.1 (and I don't care
much if it's -n or -P either). Should a distribution that want this option
enabled by default use an undocumented option? I'm not sure.
I'd prefer it to be documented if that's the case.
>
> If I'd known we'd be enabling 4.1 by default in nfs-utils, I wouldn't
> have been so happy about removing the 4.1 config option--how confident
> are we that the 4.1 code to be in 2.6.30 has no security holes?
The more it will be tested and used, the better my confidence will be.
I don't think that disabling it by default will help us find any security
holes before the code will be ready for prime time. Not without a
full blown QA effort.
Benny
>
> --b.
>
>> --- /etc/sysconfig/nfs.orig 2009-04-22 14:57:15.000000000 +0300
>> +++ /etc/sysconfig/nfs 2009-04-22 14:46:52.000000000 +0300
>> @@ -26,6 +26,8 @@
>> #RPCNFSDARGS="-N 2 -N 3"
>> # Turn off v4 protocol support
>> #RPCNFSDARGS="-N 4"
>> +# Turn off v4.1 minorversion support
>> +RPCNFSDARGS="-N 4.1"
>> # Number of nfs server processes to be started.
>> # The default is 8.
>> #RPCNFSDCOUNT=8
>>
>> The patches in this set are:
>> [PATCH 1/3] utils/nfsd: add support for minorvers4
>> [PATCH 2/3] utils/nfsd: disable minorvers4 via command line
>> [PATCH 3/3] utils/nfsd: enable nfs minorvers4 by default
>>
>> Benny
next prev parent reply other threads:[~2009-04-23 8:58 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-04-13 8:25 [RFC 0/4] nfs-utils: nfsd support for minor version Benny Halevy
2009-04-13 8:29 ` [PATCH 1/4] utils/nfsd: fix -N optarg error printout Benny Halevy
2009-04-13 8:29 ` [RFC 2/4] utils/nfsd: add support for minorvers4 Benny Halevy
2009-04-13 8:29 ` [RFC 3/4] utils/nfsd: add -n --nfs-version option Benny Halevy
2009-04-13 8:29 ` [RFC 4/4] utils/nfsd: enable/disable minorvers4 via command line Benny Halevy
2009-04-16 17:24 ` [RFC 0/4] nfs-utils: nfsd support for minor version Steve Dickson
[not found] ` <49E769C5.6010902-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2009-04-16 17:59 ` Benny Halevy
2009-04-16 18:13 ` Steve Dickson
[not found] ` <49E7753C.4010300-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2009-04-16 18:23 ` [pnfs] " J. Bruce Fields
2009-04-16 18:37 ` Benny Halevy
2009-04-16 19:01 ` Steve Dickson
[not found] ` <49E7809B.2020002-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2009-04-16 19:18 ` J. Bruce Fields
2009-04-17 12:35 ` Steve Dickson
[not found] ` <49E87798.8090308-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2009-04-17 15:42 ` J. Bruce Fields
2009-04-17 16:18 ` Chuck Lever
2009-04-17 16:40 ` Benny Halevy
2009-04-22 12:06 ` [PATCH 0/3] nfs-utils: nfsd support for minor version, take 2 Benny Halevy
2009-04-22 12:10 ` [PATCH 1/3] utils/nfsd: add support for minorvers4 Benny Halevy
2009-04-22 12:10 ` [PATCH 2/3] utils/nfsd: disable minorvers4 via command line Benny Halevy
2009-04-22 12:10 ` [PATCH 3/3] utils/nfsd: enable nfs minorvers4 by default Benny Halevy
2009-04-22 21:54 ` [PATCH 0/3] nfs-utils: nfsd support for minor version, take 2 J. Bruce Fields
2009-04-23 8:58 ` Benny Halevy [this message]
2009-05-18 14:49 ` Steve Dickson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49F02DB4.50504@panasas.com \
--to=bhalevy@panasas.com \
--cc=bfields@fieldses.org \
--cc=chuck.lever@oracle.com \
--cc=linux-nfs@vger.kernel.org \
--cc=pnfs@linux-nfs.org \
--cc=steved@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.