From: "J. Bruce Fields" <bfields@fieldses.org>
To: "Myklebust, Trond" <Trond.Myklebust@netapp.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
Stanislav Kinsbursky <skinsbursky@parallels.com>,
Christoph Hellwig <hch@infradead.org>,
"linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"devel@openvz.org" <devel@openvz.org>,
simo@redhat.com
Subject: Re: [PATCH v3] SUNRPC: set desired file system root before connecting local transports
Date: Thu, 15 Nov 2012 13:58:53 -0500 [thread overview]
Message-ID: <20121115185853.GA22448@fieldses.org> (raw)
In-Reply-To: <4FA345DA4F4AE44899BD2B03EEEC2FA9092E2984@SACEXCMBX04-PRD.hq.netapp.com>
On Thu, Nov 15, 2012 at 01:34:16PM +0000, Myklebust, Trond wrote:
> On Wed, 2012-11-14 at 22:14 -0800, Eric W. Biederman wrote:
> > "J. Bruce Fields" <bfields@fieldses.org> writes:
> >
> > > On Wed, Nov 14, 2012 at 09:51:33PM +0000, Myklebust, Trond wrote:
> > >> On Wed, 2012-11-14 at 16:42 -0500, J. Bruce Fields wrote:
> > >> > Simo's patches use them for upcalls to svcgssd. Those will always be
> > >> > done from server threads.
> > >>
> > >> Any reason why you can't set that up when you start nfsd?
> > >
> > > Oh, right, I was thinking of the upcalls themselves--right, the connect
> > > we should be able to do on server start, I agree.
> > >
> > >>
> > >> > > If not, then let's just move
> > >> > > the AF_LOCAL connection back into the process context and out of rpciod.
> > >> >
> > >> > Remind me how this helps?
> > >>
> > >> rpciod shares the 'init' process net namespace and chroot properties.
> > >> If, however you call bind() from the (containerised) process that was
> > >> used to start nfsd, then you will be using filesystem root (and net
> > >> namespace) of that container.
> > >
> > > Got it.
> >
> > If you can move the connect and bind into the server start that does
> > sound like a very good and maintainable solution. I suspect it might
> > even be a smidge better for error handling.
> >
> > Is there ever a reason to reconnect one of these sockets?
>
> Not for the rpcbind case, however you can easily get into a situation
> where the user restarts the gss daemon. The good news is that the gss
> upcall code that uses AF_LOCAL hasn't been merged upstream yet, so that
> particular interface is not yet locked in stone.
I think we do want to be able to allow the daemon to be restarted.
I guess we can have it call into the rpc server code when it starts up
and the server could do the connect then? We need some way for
userspace to tell the server that the new upcall is supported anyway.
--b.
next prev parent reply other threads:[~2012-11-15 18:59 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-08 10:56 [PATCH v3] SUNRPC: set desired file system root before connecting local transports Stanislav Kinsbursky
2012-10-09 19:35 ` J. Bruce Fields
2012-10-09 19:49 ` Myklebust, Trond
2012-10-09 20:20 ` Eric W. Biederman
2012-10-09 22:31 ` J. Bruce Fields
2012-10-09 22:47 ` Eric W. Biederman
2012-10-10 1:23 ` J. Bruce Fields
2012-10-10 10:32 ` Stanislav Kinsbursky
2012-10-26 17:52 ` J. Bruce Fields
2012-10-10 2:00 ` Eric W. Biederman
2012-10-10 5:09 ` Stanislav Kinsbursky
2012-10-10 5:03 ` Stanislav Kinsbursky
2012-11-06 10:14 ` Stanislav Kinsbursky
2012-11-06 12:06 ` J. Bruce Fields
2012-11-06 12:11 ` Stanislav Kinsbursky
2012-11-06 13:05 ` J. Bruce Fields
2012-11-06 12:40 ` Christoph Hellwig
2012-11-06 13:07 ` J. Bruce Fields
2012-11-06 13:10 ` Christoph Hellwig
2012-11-06 13:36 ` J. Bruce Fields
2012-11-07 18:33 ` J. Bruce Fields
2012-11-12 8:37 ` Stanislav Kinsbursky
2012-11-14 21:01 ` J. Bruce Fields
2012-11-14 21:36 ` Myklebust, Trond
2012-11-14 21:42 ` J. Bruce Fields
2012-11-14 21:51 ` Myklebust, Trond
2012-11-14 21:54 ` J. Bruce Fields
2012-11-15 6:14 ` Eric W. Biederman
2012-11-15 13:34 ` Myklebust, Trond
2012-11-15 18:58 ` J. Bruce Fields [this message]
2012-11-15 8:35 ` Stanislav Kinsbursky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121115185853.GA22448@fieldses.org \
--to=bfields@fieldses.org \
--cc=Trond.Myklebust@netapp.com \
--cc=devel@openvz.org \
--cc=ebiederm@xmission.com \
--cc=hch@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=simo@redhat.com \
--cc=skinsbursky@parallels.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).