[fedfs-utils] [PATCH 00/11] RPCSEC GSS support for FedFS ADMIN client
Chuck Lever
chuck.lever at oracle.com
Mon Dec 2 12:31:58 PST 2013
Introduce a library similar to libnsdb that supports FedFS ADMIN
operations, hiding the RPC and GSS-related details, and allowing
reuse across all programs that use the FedFS ADMIN protocol.
With libadmin comes support for RPCSEC GSS, and with that, Kerberos
security for the client parts of the ADMIN protocol implementation
in fedfs-utils. Details and requirements for RPCSEC GSS in the
ADMIN protocol are documented here, for now:
https://datatracker.ietf.org/doc/draft-cel-nfsv4-fedfs-security-addendum/
The fedfsc tools no longer use AUTH_NONE to communicate with fedfsd.
They now use either AUTH_SYS or RPCSEC_GSS.
Our rpc.fedfsd currently doesn't check RPC security, so it should
continue to allow operation when the fedfsc tools use
"--security=sys". This permits backwards compatibility with the
rpc.fedfsd provided in fedfs-utils 0.9 and earlier.
Review period ends Monday, December 9, 2013 at midnight ET.
---
Chuck Lever (11):
libadmin: Introduce admin_t objects
fedfsc: Convert fedfs-create-junction to use new libadmin API
fedfsc: Convert fedfs-create-replication to use new libadmin API
fedfsc: Convert fedfs-delete-junction to use new libadmin API
fedfsc: Convert fedfs-delete-replication to use new libadmin API
fedfsc: Convert fedfs-get-limited-nsdb-params to use new libadmin API
fedfsc: Convert fedfs-get-limited-nsdb-params to use new libadmin API
fedfsc: Convert fedfs-lookup-junction to use new libadmin API
fedfsc: Convert fedfs-lookup-replication to use new libadmin API
fedfsc: Convert fedfs-null to use new libadmin API
fedfsc: Convert fedfs-set-nsdb-params to use new libadmin API
configure.ac | 5
doc/man/fedfs-create-junction.8 | 112 +---
doc/man/fedfs-create-replication.8 | 113 +---
doc/man/fedfs-delete-junction.8 | 105 +---
doc/man/fedfs-delete-replication.8 | 105 +---
doc/man/fedfs-get-limited-nsdb-params.8 | 125 +---
doc/man/fedfs-get-nsdb-params.8 | 125 +---
doc/man/fedfs-lookup-junction.8 | 167 +-----
doc/man/fedfs-lookup-replication.8 | 167 +-----
doc/man/fedfs-null.8 | 50 +-
doc/man/fedfs-set-nsdb-params.8 | 125 +---
src/fedfsc/Makefile.am | 2
src/fedfsc/fedfs-create-junction.c | 223 ++++----
src/fedfsc/fedfs-create-replication.c | 220 ++++----
src/fedfsc/fedfs-delete-junction.c | 180 ++++--
src/fedfsc/fedfs-delete-replication.c | 180 ++++--
src/fedfsc/fedfs-get-limited-nsdb-params.c | 191 ++++---
src/fedfsc/fedfs-get-nsdb-params.c | 207 ++++---
src/fedfsc/fedfs-lookup-junction.c | 397 ++++++--------
src/fedfsc/fedfs-lookup-replication.c | 401 ++++++--------
src/fedfsc/fedfs-null.c | 144 +++--
src/fedfsc/fedfs-set-nsdb-params.c | 214 ++++---
src/include/Makefile.am | 4
src/include/admin.h | 286 ++++++++++
src/include/fedfs.h | 5
src/libadmin/Makefile.am | 5
src/libadmin/admin-internal.h | 61 ++
src/libadmin/admin.c | 386 +++++++++++++
src/libadmin/gss.c | 281 ++++++++++
src/libadmin/junction.c | 801 ++++++++++++++++++++++++++++
src/libadmin/nsdb.c | 407 ++++++++++++++
src/libadmin/null.c | 74 +++
32 files changed, 3887 insertions(+), 1981 deletions(-)
create mode 100644 src/include/admin.h
create mode 100644 src/libadmin/admin-internal.h
create mode 100644 src/libadmin/admin.c
create mode 100644 src/libadmin/gss.c
create mode 100644 src/libadmin/junction.c
create mode 100644 src/libadmin/nsdb.c
create mode 100644 src/libadmin/null.c
--
Chuck Lever
More information about the fedfs-utils-devel
mailing list