[OpenAFS] OpenAFS on Linux 2.5.x

James Robinson jlrobins@socialserve.com
Thu, 17 Jul 2003 13:55:19 -0400


On Thursday, July 17, 2003, at 12:01  PM, Russ Allbery 
<rra@stanford.edu> wrote:

> The first thing that you run into is that AFS requires this giant wad 
> of
> code for supporting a fairly odd network protocol, but I believe the
> current problems may revolve around the fact that PAGs are really
> something of a hack.  They're an effective and portable hack, but 
> they've
> caused problems for years (such as with bash calling setgroups on 
> Linux),
> and the overloading of groups to hold stashed network credentials is 
> the
> sort of thing that's going to legitimately raise eyebrows.

Doesn't NFSv4 have a similar hurdle to cross -- needing to stash some
sort of network credential into kernel-space, associated with a set of
processes (hopefully other than associate-by-userid) in order to 
associate
with rpcsec_gss calls?

Also, apparently the citi group got their NFSv4 code into the 2.5.x 
linus-stream
kernel as of March 13, 2003, according to
http://www.citi.umich.edu/projects/nfsv4/ . Any citi folks here to give 
an
overview of their kernel rpcsec_gss implementation and how auth
contexts are related to userspace processes?

James