From: Jeff Layton <jlayton@redhat.com>
To: trond.myklebust@netapp.com
Cc: linux-nfs@vger.kernel.org, chuck.lever@oracle.com,
Weston.Adamson@netapp.com
Subject: [PATCH v3 0/3] nfs: teach NFSv3 mount code to try each authflavor in turn
Date: Thu, 27 Jun 2013 11:50:04 -0400 [thread overview]
Message-ID: <1372348207-26388-1-git-send-email-jlayton@redhat.com> (raw)
Changes since v2 set:
- fix some signed vs. unsigned type comparisons
- change how an empty server_authlist is handled. Instead of picking an
authflavor to try at that point, just munge the list to contain only
RPC_AUTH_NULL. The rest of the logic can take over at that point.
I got a report of a regression in recent kernels. Windows 2012 servers
support v3 and v4.1. They also return a list of authflavors that starts
with AUTH_GSS flavors and ends with AUTH_SYS.
Since commit 4580a92 (NFS: Use server-recommended security flavor by
default (NFSv3)) mounting this server with nfsv3 fails unless you
specify sec=sys. I can replicate the problem with a Linux NFS server
by exporing a filesystem with "sec=krb5:sys".
This patchset overhauls the NFSv3 auth code to try each authflavor in
the list provided by the server in the order that it specified them.
With this, I'm again able to mount the server without needing any
special mount options.
Thanks to Chuck Lever for suggestions thus far...
Jeff Layton (3):
nfs: refactor "need_mount" code out of nfs_try_mount
nfs: move server_authlist into nfs_try_mount_request
nfs: have NFSv3 try server-specified auth flavors in turn
fs/nfs/super.c | 186 ++++++++++++++++++++++++++++++++-------------------------
1 file changed, 104 insertions(+), 82 deletions(-)
--
1.8.1.4
next reply other threads:[~2013-06-27 15:50 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-27 15:50 Jeff Layton [this message]
2013-06-27 15:50 ` [PATCH v3 1/3] nfs: refactor "need_mount" code out of nfs_try_mount Jeff Layton
2013-06-27 15:50 ` [PATCH v3 2/3] nfs: move server_authlist into nfs_try_mount_request Jeff Layton
2013-06-27 15:50 ` [PATCH v3 3/3] nfs: have NFSv3 try server-specified auth flavors in turn Jeff Layton
2013-06-27 15:57 ` Chuck Lever
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1372348207-26388-1-git-send-email-jlayton@redhat.com \
--to=jlayton@redhat.com \
--cc=Weston.Adamson@netapp.com \
--cc=chuck.lever@oracle.com \
--cc=linux-nfs@vger.kernel.org \
--cc=trond.myklebust@netapp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).