NFS server caches client mount permissions?

Linux NFS development
 help / color / mirror / Atom feed

From: Rik Theys <Rik.Theys@esat.kuleuven.be>
To: linux-nfs@vger.kernel.org
Subject: NFS server caches client mount permissions?
Date: Tue, 01 Jul 2014 15:03:41 +0200	[thread overview]
Message-ID: <53B2B1AD.4080507@esat.kuleuven.be> (raw)

Hi,

We use NFS4 to export data to other clients. The exports file has the 
directories exported to netgroups, for example:

/export		@nfs(rw,async,no_subtree_check,fsid=0)
/export/data1	@nfs(rw,async,no_subtree_check)
/export/data2	@nfs(rw,async,no_subtree_check)

If we forget to add a new client to the netgroup, the server rejects the 
mount from the client (as it should). But when we then add the client to 
the netgroup it can take up to 15 minutes for the server to accept the 
new client.

Using 'getent netgroup nfs' on the server immediately shows the new 
entry of the client.

Running exportfs -rv to reload the exports also doesn't help.

Does nfsd cache mount access (rejections) somewhere? How can I 
flush/tune this cache? Preferably without restarting the NFS server as 
that causes a 90s interruption due to the grace period.

Regards,

Rik

-- 
Rik Theys
System Engineer
KU Leuven - Dept. Elektrotechniek (ESAT)
Kasteelpark Arenberg 10 bus 2440  - B-3001 Leuven-Heverlee
+32(0)16/32.11.07
----------------------------------------------------------------
<<Any errors in spelling, tact or fact are transmission errors>>

next             reply	other threads:[~2014-07-01 13:11 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-07-01 13:03 Rik Theys [this message]
2014-07-02  2:20 ` NFS server caches client mount permissions? NeilBrown
2014-07-02  6:58   ` Rik Theys

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=53B2B1AD.4080507@esat.kuleuven.be \
    --to=rik.theys@esat.kuleuven.be \
    --cc=linux-nfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox