From: John Hughes <john@calvaedi.com>
To: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: John Hughes <john@calva.com>,
linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Add "-e" option to rpc.gssd to allow error on ticket expiry. Try 2 with added man pages.
Date: Fri, 18 Nov 2011 23:08:39 +0100 [thread overview]
Message-ID: <4EC6D767.6030109@calvaedi.com> (raw)
In-Reply-To: <1321648435.2653.53.camel@lade.trondhjem.org>
On 11/18/2011 09:33 PM, Trond Myklebust wrote:
> On Fri, 2011-11-18 at 20:19 +0100, John Hughes wrote:
>
>> On 11/18/2011 07:35 PM, Trond Myklebust wrote:
>>
>>>
>>> You need a big fat warning somewhere that enabling this option WILL
>>> cause data corruption...
>>>
>>>
>> Why?
>>
>> Because some process may get the EACCES error half way through it's
>> operation.
>>
> No. Because the process can receive a reply to the write() syscall that
> indicates that the data is safe,
There is no reply from "write(2)" that says the data is safe.
> but the EKEYEXPIRED error will cause
> the data to be lost when the client tries to actually commit the data to
> disk.
>
>
>> The traditional Kerberos/AFS way was to behave the old way, and use
>> krenew to keep the ticket from expiring if a process needed to be run
>> overnight.
>>
> Which is just wrong: the general intention of kerberos security is to
> ensure that the _user_ has ACKed an operation. Renewing tickets without
> user input would circumvent that intention. If you need to have the job
> run overnight, then ask for a longer lifetime for your ticket.
>
Ok, so no need for the hang on ticket expired then.
(Although I don't think renewable tickets and krenew are a figment of my
imagination).
>
>> What other way is there of fixing the problem if we are going to keep
>> the "hang 'till a ticket turns up" behaviour? (rewrite gnome and kde
>> seems kind of a big job).
>>
> Notify the kernel that a ticket is about to expire so that the kernel
> can decide to block the process on the next NFS-related syscall.
>
>
I don't understand. How is it a win to block processes *before* the
ticket has expired?
next prev parent reply other threads:[~2011-11-18 22:07 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-18 14:34 [PATCH] Add "-e" option to rpc.gssd to allow error on ticket expiry. Try 2 with added man pages John Hughes
2011-11-18 18:35 ` Trond Myklebust
2011-11-18 19:19 ` John Hughes
2011-11-18 20:33 ` Trond Myklebust
2011-11-18 20:47 ` Nick Bowler
2011-11-18 20:54 ` Trond Myklebust
2011-11-18 20:57 ` Jim Rees
2011-11-18 21:03 ` Trond Myklebust
2011-11-18 22:33 ` John Hughes
2011-11-18 22:37 ` Trond Myklebust
2011-11-18 22:46 ` John Hughes
2011-11-18 22:08 ` John Hughes [this message]
2011-11-18 22:38 ` Trond Myklebust
2011-11-18 22:57 ` John Hughes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4EC6D767.6030109@calvaedi.com \
--to=john@calvaedi.com \
--cc=Trond.Myklebust@netapp.com \
--cc=john@calva.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.