[OpenAFS-devel] Re: [OpenAFS] 2020 AFS Technologies Workshop Cancelled.. kafs update

David Howells dhowells@redhat.com
Mon, 06 Apr 2020 13:59:22 +0100 

Giovanni Bracco <giovanni.bracco@enea.it> wrote:

> I have tried for the first time the kafs client on a Fedora 31 and it wor=
ked
> really nicely, I am very impressed by how it is simple to have it working=
. Of
> course I have no be able to make a massive test yet, but it look really
> interesting

There's still the odd bug in there, unfortunately.

> My feeling is that to  put it really in production the main missing point=
s
> are:
>=20
> 1) pam module

Yep.  But the systemd folks are doing their best to make this tricky, I
believe...

> 2) user commands, essentially "fs" first of all and also "pts"

Yeah.  I had a chunk of pts, bos and vos implemented in my python client:

=09http://git.infradead.org/users/dhowells/kafs-utils.git/shortlog/refs/hea=
ds/pythonify

but Python changed the subtlelties of their backend interface and so I've
started the process of rewriting in C:

=09http://git.infradead.org/users/dhowells/kafs-utils.git/shortlog/refs/hea=
ds/rewrite-in-c

However, I need to fix the server rotation policy in the kernel first so th=
at
I can copy it into kafs-utils.

And there's another issue with implementing the fs tools - and that's that =
I'm
not allowed to implement pioctl(2) or afs(2), so I have to find other ways =
of
doing things:

=09https://www.infradead.org/~dhowells/kafs/user_interface.html

But the main issue is that, for the most part, I'm the only one working on
them - and that's in addition to my normal job.

> 3) inotify

Implementing inotify/dnotify/fanotify is hard because I can't tell from a
callback what changed - only that something has.  By examining the data
version I can tell whether the contents of the object changed or whether it
was an attribute/ACL change, but then I have to compare the attributes or, =
if
a directory, the contents, to see which event to generate.

> The bos, vos and backup command can be run on server nodes, which can be
> standard OpenAFS systems, am I right?

The OpenAFS bos, vos and backup commands can be run from the client too, I
think, since they don't require any interaction with the afs kernel module.

David