[PATCH] svcrpc: auth_domain documentation

Thu, 31 Mar 2005 10:58:17 -0800 

ChangeSet 1.2307, 2005/03/31 08:57:45-08:00, [EMAIL PROTECTED]

        [PATCH] svcrpc: auth_domain documentation
        
        The use of auth_domains is somewhat confusing, in part because they were
        originally intended to be used in a more general way than they 
currently are.
        
        Update the documentation a little with an eye towards how it's 
currently used.
        
        Signed-off-by: J. Bruce Fields <[EMAIL PROTECTED]>
        Signed-off-by: Neil Brown <[EMAIL PROTECTED]>
        Signed-off-by: Andrew Morton <[EMAIL PROTECTED]>
        Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>



 svcauth.h |   14 ++++++++------
 1 files changed, 8 insertions(+), 6 deletions(-)


diff -Nru a/include/linux/sunrpc/svcauth.h b/include/linux/sunrpc/svcauth.h
--- a/include/linux/sunrpc/svcauth.h    2005-03-31 10:29:24 -08:00
+++ b/include/linux/sunrpc/svcauth.h    2005-03-31 10:29:24 -08:00
@@ -26,21 +26,23 @@
 struct svc_rqst;               /* forward decl */
 
 /* Authentication is done in the context of a domain.
- * For a server, a domain represents a group of clients using
+ *
+ * Currently, the nfs server uses the auth_domain to stand
+ * for the "client" listed in /etc/exports.
+ *
+ * More generally, a domain might represent a group of clients using
  * a common mechanism for authentication and having a common mapping
  * between local identity (uid) and network identity.  All clients
  * in a domain have similar general access rights.  Each domain can
  * contain multiple principals which will have different specific right
  * based on normal Discretionary Access Control.
  *
- * For a client, a domain represents a number of servers which all
- * use a common authentication mechanism and network identity name space.
- *
  * A domain is created by an authentication flavour module based on name
  * only.  Userspace then fills in detail on demand.
  *
- * The creation of a domain typically implies creation of one or
- * more caches for storing domain specific information.
+ * In the case of auth_unix and auth_null, the auth_domain is also
+ * associated with entries in another cache representing the mapping
+ * of ip addresses to the given client.
  */
 struct auth_domain {
        struct  cache_head      h;
-
To unsubscribe from this list: send the line "unsubscribe bk-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to