• C
    NFS: Use server-recommended security flavor by default (NFSv3) · 4580a92d
    Chuck Lever 提交于
    Since commit ec88f28d in 2009, checking if the user-specified flavor
    is in the server's flavor list has been the source of a few
    noticeable regressions (now fixed), but there is one that is still
    vexing.
    
    An NFS server can list AUTH_NULL in its flavor list, which suggests
    a client should try to mount the server with the flavor of the
    client's choice, but the server will squash all accesses.  In some
    cases, our client fails to mount a server because of this check,
    when the mount could have proceeded successfully.
    
    Skip this check if the user has specified "sec=" on the mount
    command line.  But do consult the server-provided flavor list to
    choose a security flavor if no sec= option is specified on the mount
    command.
    
    If a server lists Kerberos pseudoflavors before "sys" in its export
    options, our client now chooses Kerberos over AUTH_UNIX for mount
    points, when no security flavor is specified by the mount command.
    This could be surprising to some administrators or users, who would
    then need to have Kerberos credentials to access the export.
    
    Or, a client administrator may not have enabled rpc.gssd.  In this
    case, auth_rpcgss.ko might still be loadable, which is enough for
    the new logic to choose Kerberos over AUTH_UNIX.  But the mount
    would fail since no GSS context can be created without rpc.gssd
    running.
    
    To retain the use of AUTH_UNIX by default:
    
      o  The server administrator can ensure that "sys" is listed before
         Kerberos flavors in its export security options (see
         exports(5)),
    
      o  The client administrator can explicitly specify "sec=sys" on
         its mount command line (see nfs(5)),
    
      o  The client administrator can use "Sec=sys" in an appropriate
         section of /etc/nfsmount.conf (see nfsmount.conf(5)), or
    
      o  The client administrator can blacklist auth_rpcgss.ko.
    Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
    Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
    4580a92d
super.c 69.0 KB