[PATCH 0/5] Dynamic Pseudo Root
Trond Myklebust
trond.myklebust at fys.uio.no
Tue Feb 19 14:37:05 EST 2008
On Tue, 2008-02-19 at 14:09 -0500, J. Bruce Fields wrote:
> I lost you with the "per-_user_" thing. Could you give an example?
>
> Are you expecting that something like
>
> /foo/bar client1(sec=krb5)
> /foo/bar/baz client1(sec=sys:krb5)
>
> would result in client1 being allowed to do a krb5 nfsv4 readdir on
> /foo/bar and get a directory with just "baz"?
You mean an AUTH_SYS readdir, right? Yes, that's the case I'm thinking
of.
> I would have expected such a readdir to just get wrongsec.
Why? As far as the auth_sys user is concerned, he is just walking
through a pseudo-fs in order to access the directory 'baz'. The
equivalent in NFSv3-speak would be to do
showmount -e server
mount server:/foo/bar/baz /mnt
which is run-of-the-mill stuff for autofs.
Trond
More information about the NFSv4
mailing list