On Tue, 2009-08-25 at 14:39 -0400, Trond Myklebust wrote: > On Tue, 2009-08-25 at 13:17 -0500, Tom Haynes wrote: > > Trond Myklebust wrote: > > > On Tue, 2009-08-25 at 11:49 -0500, Tom Haynes wrote: > > > > > >> With OpenSolaris NFSv3, there is no autonegotiation. With NFSv4, we > > >> support the autonegotiation > > >> as defined in the protocol. > > >> > > >> We just went through a regression with this algorithm. > > >> > > > > > > NFSv4 also allows the server to change the list of supported security > > > flavours on the fly at any point in the namespace, and at any time. How > > > does OpenSolaris currently deal with this? > > > > > > > > > > The client gets a WRONGSEC and then initiates auto-negotiation. > > > > Right, but are there any limits to that? > > Will it, for instance, allow process 1 to continue using auth_sys, while > process 2 switches to using krb5 on the same file? > > Should it recover in the case where the administrator suddenly removes > krb5 from the list, and replaces it with krb5i on all subdirectories > of ../../.. relative to your current working directory?
Sorry. Let me be more specific... Say you have /foo sec=krb5,rw and the administrator adds a new rule /foo/bar sec=krb5i,rw Will your autonegotiator be able to recover processes that are working in /foo/bar/... without disturbing those working in /foo/baz/... ? Cheers Trond -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust at netapp.com www.netapp.com
