Host based authentication
Steve Gaarder
gaarder at math.cornell.edu
Fri Apr 20 12:19:34 EDT 2007
On Fri, 20 Apr 2007, J. Bruce Fields wrote:
>
> If everyone was happy with a squashing scheme that required very little
> data to describe (like, squash everyone with a uid higher than N), then
> it might be possible to just add an export option. If people want to
> squash all but some arbitrarily set of id's, or remap id's in some more
> complicated way, then we need to add a new mechanism by which the kernel
> can query a daemon for the mapping, etc. (probably using another server
> cache thing--see net/sunrpc/cache.c).
>
> The squashing is done in fs/nfsd/auth.c:nfsd_setuser(), which is where
> any new mechanism would need to hook in.
>
I'd be quite happy with an "all_squash_except=xxxx" export option, and
would rather not wait for a more full-featured mechanism to be designed.
cheers,
Steve Gaarder
System Administrator, Dept of Mathematics
Cornell University, Ithaca, NY, USA
gaarder at math.cornell.edu
More information about the NFSv4
mailing list