Re: [RFC/PATCH] cifs.upcall: use kernel.provided principal name if available

Linux CIFS filesystem development
 help / color / mirror / Atom feed

From: Martin Wilck <martin.wilck@ts.fujitsu.com>
To: Jeff Layton <jlayton@samba.org>
Cc: "linux-cifs@vger.kernel.org" <linux-cifs@vger.kernel.org>,
	"samba-technical@lists.samba.org"
	<samba-technical@lists.samba.org>, Martin Wilck <mwilck@arcor.de>,
	Andrew Bartlett <abartlet@samba.org>
Subject: Re: [RFC/PATCH] cifs.upcall: use kernel.provided principal name if available
Date: Mon, 12 Sep 2011 11:01:58 +0200	[thread overview]
Message-ID: <4E6DCA86.8020707@ts.fujitsu.com> (raw)
In-Reply-To: <20110909093736.082f0ea4@corrin.poochiereds.net>

> For the record, I'm not 100% opposed to adding something like this as a
> workaround. What would probably be better would be a way for someone to
> specify the SPN in the mount options. The kernel could then pass that
> to the upcall and we wouldn't need to trust this string from the
> server. Admins would of course need to know what SPN to put in there
> however. Something like:
> 
>     -o spn=cifs/otherhostname.example.com

Sounds good. In our AD environment, an admin can do

ldapsearch "(cn=$COMPUTERNAME)" serviceprincipalname

to get the supported principal name(s).

Martin

-- 
Dr. Martin Wilck
PRIMERGY System Software Engineer
x86 Server Engineering

FUJITSU
Fujitsu Technology Solutions GmbH
Heinz-Nixdorf-Ring 1
33106 Paderborn, Germany
Phone:			++49 5251 525 2796
Fax:			++49 5251 525 2820
Email:			martin.wilck@ts.fujitsu.com
Internet:		http://ts.fujitsu.com
Company Details:	http://ts.fujitsu.com/imprint

next prev parent reply	other threads:[~2011-09-12  9:01 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-09-06 15:21 [RFC/PATCH] cifs: add server-provided principal name in upcall Martin Wilck
     [not found] ` <1315322512-10652-1-git-send-email-martin.wilck-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org>
2011-09-06 15:26   ` [RFC/PATCH] cifs.upcall: use kernel.provided principal name if available Martin Wilck
     [not found]     ` <1315322794-10725-1-git-send-email-martin.wilck-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org>
2011-09-06 16:10       ` Jeff Layton
     [not found]         ` <4E673D6F.90606@ts.fujitsu.com>
2011-09-07 13:03           ` Jeff Layton
2011-09-07 21:42             ` Andrew Bartlett
2011-09-08  7:23               ` Martin Wilck
     [not found]                 ` <4E686D69.9090503-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org>
2011-09-08  7:39                   ` Andrew Bartlett
2011-09-08 12:53                     ` Martin Wilck
     [not found]                       ` <4E68BACD.2020403-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org>
2011-09-08 12:59                         ` simo
2011-09-08 13:01                         ` Andrew Bartlett
2011-09-08 13:13                           ` Martin Wilck
     [not found]                             ` <4E68BF73.2090707-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org>
2011-09-08 13:23                               ` simo
2011-09-08 13:23                               ` Andrew Bartlett
2011-09-08 14:54                                 ` Jeff Layton
     [not found]                                 ` <4E68EEAE.2090102@ts.fujitsu.com>
     [not found]                                   ` <4E68EEAE.2090102-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org>
2011-09-09 13:37                                     ` Jeff Layton
2011-09-12  9:01                                       ` Martin Wilck [this message]
     [not found]                                         ` <4E6DCA86.8020707-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org>
2011-09-12 13:41                                           ` Jeff Layton
     [not found]                                             ` <20110912094114.4e7f2b8e-4QP7MXygkU+dMjc06nkz3ljfA9RmPOcC@public.gmane.org>
2011-09-12 14:00                                               ` simo
2011-09-12 23:23                                           ` Andrew Bartlett
2011-09-13 11:01                                             ` Martin Wilck
2011-09-08 13:31                               ` Jeff Layton
2011-09-07 22:18       ` Steve French
2011-09-06 16:16   ` [RFC/PATCH] cifs: add server-provided principal name in upcall Jeff Layton

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4E6DCA86.8020707@ts.fujitsu.com \
    --to=martin.wilck@ts.fujitsu.com \
    --cc=abartlet@samba.org \
    --cc=jlayton@samba.org \
    --cc=linux-cifs@vger.kernel.org \
    --cc=mwilck@arcor.de \
    --cc=samba-technical@lists.samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox