From: David Howells
To: Chris Wright
Cc: David Howells, Christoph Hellwig, David Howells, Trond Myklebust, arjanv@redhat.com, viro@parcelfarce.linux.theplanet.co.uk, drepper@redhat.com, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org
Subject: Re: [RFC] New authentication management syscalls
Date: Fri, 09 May 2003 21:06:46 +0100
Message-ID: <2973.1052510806@warthog.warthog>
In-Reply-To: <20030509113916.A29208@figure1.int.wirex.com>

> > I think this might be a better idea than the name of a mountpoint as it
> > would then be possible to set the tokens prior to mounting, maybe so that
> > you _can_ mount.
> >
> > I'm thinking a bit of samba here, where authentication information needs
> > to be passed upon mounting (workstation/domain, username, password).
>
> How does this map up with Viro's idea of a two stage mount. IIRC, it
> was something akin to:
>
> 	fsfd = open(/dev/fs_type/ext2)
> 	write(fd, "device and options, potentially including auth...");
> 	mntfd = open("mntpt");
> 	newmount(fd, mntfd, MNT_ATTACH);
>
> or something like that. Wouldn't that give you a free form ability to
> talk to the fs driver and authenticate as needed? Is this plan still
> alive?

Then you end up with a copy of the token for every mountpoint, which may not
be what you want.

With my AFS client for instance, you want at most one token per cell per PAG.
Each cell contains potentially lots of volumes, and each volume is mounted as
a separate mount.

OTOH, with OpenAFS, you get one mount for everything and everyone, and that
contains all cells and all volumes, and so will almost certainly have the
tokens uploaded post-mount.

David