From: "J. Bruce Fields" <bfields@fieldses.org>
To: Wendy Cheng <wcheng@redhat.com>
Cc: Neil Brown <neilb@suse.de>, Christoph Hellwig <hch@infradead.org>,
NFS list <linux-nfs@vger.kernel.org>,
cluster-devel@redhat.com
Subject: Re: [PATCH 1/2] NLM failover unlock commands
Date: Thu, 24 Jan 2008 16:40:29 -0500 [thread overview]
Message-ID: <20080124214029.GK26164@fieldses.org> (raw)
In-Reply-To: <4798FDE9.4040406@redhat.com>
On Thu, Jan 24, 2008 at 04:06:49PM -0500, Wendy Cheng wrote:
> J. Bruce Fields wrote:
>> On Thu, Jan 24, 2008 at 02:45:37PM -0500, Wendy Cheng wrote:
>>
>>> J. Bruce Fields wrote:
>>>
>>>> In practice, it seems that both the unlock_ip and unlock_pathname
>>>> methods that revoke locks are going to be called together. The two
>>>> separate calls therefore seem a little redundant. The reason we *need*
>>>> both is that it's possible that a misconfigured client could grab locks
>>>> for a (server ip, export) combination that it isn't supposed to.
>>>>
>>> That is not a correct assumption. The two commands (unlock_ip and
>>> unlock_pathname) are not necessarily called together. It is ok for
>>> local filesystem (ext3) but not for cluster filesystem where the
>>> very same filesystem (or subtree) can be exported from multiple
>>> servers using different subtrees.
>>>
>>
>> Ouch. Are people really doing that, and why? What happens if the
>> subtrees share files (because of hard links) that are locked from both
>> nodes?
>>
>
> It is *more* common than you would expect - say server1 exports
> "/mnt/gfs/maildir/namea-j" and server2 exports
> "/mnt/gfs/maildir/namek-z".
I believe it, but how hard would it be for them to just set those up as
separate partitions?
I'm really not fond of exports of subdirectories of filesystems, mainly
because I'm worried that many administrators don't understand the
security issue (which is that they probably are exposing the whole
filesystem when they export a subdirectory).
--b.
next prev parent reply other threads:[~2008-01-24 21:40 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-07 5:39 [PATCH 1/2] NLM failover unlock commands Wendy Cheng
2008-01-08 5:18 ` Neil Brown
2008-01-09 2:51 ` Wendy Cheng
2008-01-08 17:02 ` Christoph Hellwig
2008-01-08 17:49 ` Christoph Hellwig
2008-01-08 20:57 ` Wendy Cheng
2008-01-09 18:02 ` Christoph Hellwig
2008-01-10 7:59 ` Christoph Hellwig
2008-01-12 7:03 ` Wendy Cheng
2008-01-12 9:38 ` Christoph Hellwig
2008-01-14 23:07 ` J. Bruce Fields
2008-01-14 23:31 ` Neil Brown
[not found] ` <18315.61638.14133.308991-wvvUuzkyo1EYVZTmpyfIwg@public.gmane.org>
2008-01-15 16:38 ` Chuck Lever
2008-01-22 22:53 ` J. Bruce Fields
2008-01-24 4:02 ` Neil Brown
2008-01-15 16:14 ` Wendy Cheng
2008-01-15 16:30 ` J. Bruce Fields
2008-01-14 23:52 ` Neil Brown
2008-01-15 20:17 ` Wendy Cheng
2008-01-15 20:50 ` Neil Brown
2008-01-15 20:56 ` Wendy Cheng
2008-01-15 22:48 ` Wendy Cheng
2008-01-16 4:19 ` Neil Brown
2008-01-17 15:10 ` J. Bruce Fields
2008-01-17 15:48 ` Wendy Cheng
2008-01-17 16:08 ` Wendy Cheng
2008-01-17 16:10 ` Wendy Cheng
2008-01-18 10:21 ` Frank van Maarseveen
2008-01-18 15:00 ` Wendy Cheng
2008-01-17 16:14 ` J. Bruce Fields
2008-01-17 16:17 ` Wendy Cheng
2008-01-17 16:21 ` J. Bruce Fields
2008-01-17 16:31 ` J. Bruce Fields
2008-01-17 16:31 ` Wendy Cheng
2008-01-17 16:40 ` J. Bruce Fields
2008-01-17 17:35 ` Frank Filz
2008-01-17 17:59 ` Wendy Cheng
2008-01-17 18:07 ` Wendy Cheng
2008-01-17 20:23 ` J. Bruce Fields
2008-01-18 10:03 ` Frank van Maarseveen
2008-01-18 14:56 ` Wendy Cheng
2008-01-24 16:00 ` J. Bruce Fields
2008-01-24 16:19 ` Peter Staubach
2008-01-24 16:39 ` J. Bruce Fields
2008-01-24 19:45 ` Wendy Cheng
2008-01-24 20:19 ` J. Bruce Fields
2008-01-24 21:06 ` Wendy Cheng
2008-01-24 21:40 ` J. Bruce Fields [this message]
2008-01-24 21:49 ` Wendy Cheng
2008-01-28 3:46 ` Felix Blyakher
2008-01-28 15:56 ` Wendy Cheng
2008-01-28 17:06 ` [Cluster-devel] " Felix Blyakher
2008-01-09 3:49 ` Wendy Cheng
2008-01-09 16:13 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080124214029.GK26164@fieldses.org \
--to=bfields@fieldses.org \
--cc=cluster-devel@redhat.com \
--cc=hch@infradead.org \
--cc=linux-nfs@vger.kernel.org \
--cc=neilb@suse.de \
--cc=wcheng@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox