[fedfs-utils] [PATCH 00/11] RPCSEC GSS support for FedFS ADMIN client
Chuck Lever
chuck.lever at oracle.com
Tue Dec 10 09:37:52 PST 2013
On Dec 2, 2013, at 3:31 PM, Chuck Lever <chuck.lever at oracle.com> wrote:
> Introduce a library similar to libnsdb that supports FedFS ADMIN
> operations, hiding the RPC and GSS-related details, and allowing
> reuse across all programs that use the FedFS ADMIN protocol.
>
> With libadmin comes support for RPCSEC GSS, and with that, Kerberos
> security for the client parts of the ADMIN protocol implementation
> in fedfs-utils. Details and requirements for RPCSEC GSS in the
> ADMIN protocol are documented here, for now:
>
> https://datatracker.ietf.org/doc/draft-cel-nfsv4-fedfs-security-addendum/
>
> The fedfsc tools no longer use AUTH_NONE to communicate with fedfsd.
> They now use either AUTH_SYS or RPCSEC_GSS.
>
> Our rpc.fedfsd currently doesn't check RPC security, so it should
> continue to allow operation when the fedfsc tools use
> "--security=sys". This permits backwards compatibility with the
> rpc.fedfsd provided in fedfs-utils 0.9 and earlier.
>
> Review period ends Monday, December 9, 2013 at midnight ET.
These have been committed.
> ---
>
> Chuck Lever (11):
> libadmin: Introduce admin_t objects
> fedfsc: Convert fedfs-create-junction to use new libadmin API
> fedfsc: Convert fedfs-create-replication to use new libadmin API
> fedfsc: Convert fedfs-delete-junction to use new libadmin API
> fedfsc: Convert fedfs-delete-replication to use new libadmin API
> fedfsc: Convert fedfs-get-limited-nsdb-params to use new libadmin API
> fedfsc: Convert fedfs-get-limited-nsdb-params to use new libadmin API
> fedfsc: Convert fedfs-lookup-junction to use new libadmin API
> fedfsc: Convert fedfs-lookup-replication to use new libadmin API
> fedfsc: Convert fedfs-null to use new libadmin API
> fedfsc: Convert fedfs-set-nsdb-params to use new libadmin API
>
>
> configure.ac | 5
> doc/man/fedfs-create-junction.8 | 112 +---
> doc/man/fedfs-create-replication.8 | 113 +---
> doc/man/fedfs-delete-junction.8 | 105 +---
> doc/man/fedfs-delete-replication.8 | 105 +---
> doc/man/fedfs-get-limited-nsdb-params.8 | 125 +---
> doc/man/fedfs-get-nsdb-params.8 | 125 +---
> doc/man/fedfs-lookup-junction.8 | 167 +-----
> doc/man/fedfs-lookup-replication.8 | 167 +-----
> doc/man/fedfs-null.8 | 50 +-
> doc/man/fedfs-set-nsdb-params.8 | 125 +---
> src/fedfsc/Makefile.am | 2
> src/fedfsc/fedfs-create-junction.c | 223 ++++----
> src/fedfsc/fedfs-create-replication.c | 220 ++++----
> src/fedfsc/fedfs-delete-junction.c | 180 ++++--
> src/fedfsc/fedfs-delete-replication.c | 180 ++++--
> src/fedfsc/fedfs-get-limited-nsdb-params.c | 191 ++++---
> src/fedfsc/fedfs-get-nsdb-params.c | 207 ++++---
> src/fedfsc/fedfs-lookup-junction.c | 397 ++++++--------
> src/fedfsc/fedfs-lookup-replication.c | 401 ++++++--------
> src/fedfsc/fedfs-null.c | 144 +++--
> src/fedfsc/fedfs-set-nsdb-params.c | 214 ++++---
> src/include/Makefile.am | 4
> src/include/admin.h | 286 ++++++++++
> src/include/fedfs.h | 5
> src/libadmin/Makefile.am | 5
> src/libadmin/admin-internal.h | 61 ++
> src/libadmin/admin.c | 386 +++++++++++++
> src/libadmin/gss.c | 281 ++++++++++
> src/libadmin/junction.c | 801 ++++++++++++++++++++++++++++
> src/libadmin/nsdb.c | 407 ++++++++++++++
> src/libadmin/null.c | 74 +++
> 32 files changed, 3887 insertions(+), 1981 deletions(-)
> create mode 100644 src/include/admin.h
> create mode 100644 src/libadmin/admin-internal.h
> create mode 100644 src/libadmin/admin.c
> create mode 100644 src/libadmin/gss.c
> create mode 100644 src/libadmin/junction.c
> create mode 100644 src/libadmin/nsdb.c
> create mode 100644 src/libadmin/null.c
>
> --
> Chuck Lever
>
> _______________________________________________
> fedfs-utils-devel mailing list
> fedfs-utils-devel at oss.oracle.com
> https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
--
Chuck Lever
chuck[dot]lever[at]oracle[dot]com
More information about the fedfs-utils-devel
mailing list