public inbox for linux-nfs@vger.kernel.org
 help / color / mirror / Atom feed
From: Tom Haynes <tdh-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: linux-nfs@vger.kernel.org
Subject: Re: Bug in server's export -- List of security flavors
Date: Thu, 16 Jul 2009 15:13:52 -0500	[thread overview]
Message-ID: <4A5F8A00.8000104@excfb.com> (raw)
In-Reply-To: <20090716194546.GG2495@fieldses.org>

support/nfs/exports.c

505                 if (strcmp(opt, "ro") == 0)
506                         setflags(NFSEXP_READONLY, active, ep);
507                 else if (strcmp(opt, "rw") == 0)
508                         clearflags(NFSEXP_READONLY, active, ep);
...
624                 } else if (strncmp(opt, "sec=", 4) == 0) {
625                         active = parse_flavors(opt+4, ep);

If you find a 'sec=' you go ahead and set it in the e_secinfo array.

But if you encounter a rw or ro before you encounter a 'sec=', you do
not set a flavor in the e_secinfo array.

What we do is if we encounter the 'rw' or 'ro' before the 'sec=', then
it defaults to being a AUTH_SYS flavor. If we encounter it after, then
we know which flavor to set it as.

Of course, we have to account for what happens if we have the following:
share -F nfs -o rw,sec=sys,ro /foo

Because we can't have both a rw and ro export.


  reply	other threads:[~2009-07-16 20:14 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-07-16 16:58 Bug in server's export -- List of security flavors Tom Haynes
     [not found] ` <4A5F5C4C.3070308-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org>
2009-07-16 18:56   ` J. Bruce Fields
2009-07-16 19:25     ` Tom Haynes
     [not found]       ` <4A5F7EA9.9050309-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org>
2009-07-16 19:45         ` J. Bruce Fields
2009-07-16 20:13           ` Tom Haynes [this message]
     [not found]             ` <4A5F8A00.8000104-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org>
2009-07-22  0:09               ` J. Bruce Fields
2009-08-17 17:33                 ` [PATCH] Don't give client an empty flavor list J. Bruce Fields
2009-08-03 13:11         ` Bug in server's export -- List of security flavors Chuck Lever

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4A5F8A00.8000104@excfb.com \
    --to=tdh-8adz+hgo7noavxtiumwx3w@public.gmane.org \
    --cc=bfields@fieldses.org \
    --cc=linux-nfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox