Another patch to nfs-utils
Kevin Coffman
kwc at citi.umich.edu
Thu Jul 3 13:08:29 EDT 2008
Hi Lukáš,
libnfsidmap is still maintained separately from nfs-utils. We
actually changed the architecture of libnfsidmap to allow for plugins
for just this situation. That version of libnfsidmap is still in
"beta". I have not heard any comments about it yet. It sounds like
this would be a good test to see if this new plugin architecture meets
the need it was designed for. I've included the announcement below.
Let me know how it works and perhaps it can be made "official".
Thanks,
K.C.
------
A new *BETA* version of libnfsidmap is now available from
http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/libnfsidmap-0.21b1.tar.gz
Changes since libnfsidmap-0.20:
The main library has been changed to load "plugin" libraries to
perform the mappings. This decouples the main library from any ldap
(and sasl, etc.) dependencies.
Several translation methods (plugins) may now be specified in the
idmapd.conf file. While a plugin returns -ENOENT, the next is called
until a mapping is found, or there are no more plugins to try.
A "static" mapping plugin from David Härdeman <david at hardeman.nu> has
been added.
A "gums" mapping plugin from Olga Kornievskaia <aglo at citi.umich.edu>
has been added. Olga also did most of the work to convert the code to
use this new plugin architecture.
The interface is changed to add two new functions,
nfs4_gss_princ_to_ids_ex(), and nfs4_gss_princ_to_grouplist_ex() which
allow extra information to be passed to these mapping functions.
Please try it out and give us feedback.
------
2008/7/3 Lukas Hejtmanek <xhejtman at ics.muni.cz>:
> Kevin,
>
> my further modifications of nfs-utils are related to idmapd and mainly
> libnfsidmap. Currently, we have two possible translation methods: umich and
> nsswitch. Umich relies on ldap and nsswitch usually on /etc/passwd and
> /etc/group files.
>
> I made another translation method called mnsswitch that resembles nsswitch
> except the files. I use /etc/passwd-nfs4 and /etc/group-nfs4 for mapping,
> their format is almost identical to /etc/passwd and /etc/group except it
> contains user names including their domains so that it is usable in
> cross-realms. We do not want to use ldap because it makes nfs4 depending on
> another running service while the files are always available.
>
> Whould you be interested as well on not at all?
>
> --
> Lukáš Hejtmánek
>
>
More information about the NFSv4
mailing list