On Jul 27, 2009 12:01 +0200, Arne Wiebalck wrote: > with versions <= 1.8.0.1 is there a more elegant way of blocking > clients from mounting a Lustre fs than configuring IP tables accordingly?
I don't think there is any other easy way to do this. I believe LLNL had a patch to essentially implement xinetd-like allow/deny inside the LNET code, but I don't think it was merged. > Is it correct that with versions >= 2.0 Kerberos will deliver this > 'functionality' as I can enforce the client to authenticate (which > it can't if I refused to give it keytab in the first place)? Right, though Kerberos will not yet be a supported feature in 2.0. Cheers, Andreas -- Andreas Dilger Sr. Staff Engineer, Lustre Group Sun Microsystems of Canada, Inc. _______________________________________________ Lustre-discuss mailing list [email protected] http://lists.lustre.org/mailman/listinfo/lustre-discuss
