Providing Web Access to NFSv4 file system
Benjamin Coddington
ben at uvm.edu
Tue May 27 08:34:33 EDT 2008
Hi Ido,
We had a similar requirement, and after much searching, ended up cooking
up our own solution. Currently, the kernel uses the current process' uid
to call back to userspace for credentials. Instead, we allow the kernel
to call for credentials for a uid in a keyring value -- and explicily set
that value before using the filesystem.
http://linux-nfs.org/pipermail/nfsv4/2008-March/008108.html
Also, look into CIT's NFSv4 patches, which create keyring credential
caches, and offer another method of passing additional information to the
kernel besides current.
http://www.citi.umich.edu/projects/asci/icsi-alpha/
Ben
On Tue, 27 May 2008, Ido Levy wrote:
>
> Hello All,
>
> We are running NFSv4 server and would like to provide web access ( through
> Apache ) to users.
> Users are defined as Kerberos 5 principals.
>
> We are using Kerberos module ( mod_auth_kerb ) to authenticate users
> through the browser but don't know the way to allow
> access to the different paths in the tree according to NFSv4 ACLs.
>
> Do you know an Apache module other than mod_auth_kerb -
> http://modauthkerb.sourceforge.net/configure.html
>
> We would appreciate any advice
>
> Best Regards,
>
> Ido Levy
> Linux Services, IS Servers & Network group
> IBM R&D Labs in Israel
> idol at il.ibm.com, +972-4-828-1082
> Fax: +972-4-829-6111, Cell: +972-54-6976082
>
> _______________________________________________
> NFSv4 mailing list
> NFSv4 at linux-nfs.org
> http://linux-nfs.org/cgi-bin/mailman/listinfo/nfsv4
>
More information about the NFSv4
mailing list