2005-03-22 05:42:12

by NeilBrown

[permalink] [raw]
Subject: [PATCH kNFSd 1 of 16] svcrpc: auth_domain documentation


The use of auth_domains is somewhat confusing, in part because they were
originally intended to be used in a more general way than they currently are.

Update the documentation a little with an eye towards how it's currently used.

Signed-off-by: J. Bruce Fields <[email protected]>
Signed-off-by: Neil Brown <[email protected]>

### Diffstat output
./include/linux/sunrpc/svcauth.h | 14 ++++++++------
1 files changed, 8 insertions(+), 6 deletions(-)

diff ./include/linux/sunrpc/svcauth.h~current~ ./include/linux/sunrpc/svcauth.h
--- ./include/linux/sunrpc/svcauth.h~current~ 2005-03-22 16:35:20.000000000 +1100
+++ ./include/linux/sunrpc/svcauth.h 2005-03-22 16:36:34.000000000 +1100
@@ -26,21 +26,23 @@ struct svc_cred {
struct svc_rqst; /* forward decl */

/* Authentication is done in the context of a domain.
- * For a server, a domain represents a group of clients using
+ *
+ * Currently, the nfs server uses the auth_domain to stand
+ * for the "client" listed in /etc/exports.
+ *
+ * More generally, a domain might represent a group of clients using
* a common mechanism for authentication and having a common mapping
* between local identity (uid) and network identity. All clients
* in a domain have similar general access rights. Each domain can
* contain multiple principals which will have different specific right
* based on normal Discretionary Access Control.
*
- * For a client, a domain represents a number of servers which all
- * use a common authentication mechanism and network identity name space.
- *
* A domain is created by an authentication flavour module based on name
* only. Userspace then fills in detail on demand.
*
- * The creation of a domain typically implies creation of one or
- * more caches for storing domain specific information.
+ * In the case of auth_unix and auth_null, the auth_domain is also
+ * associated with entries in another cache representing the mapping
+ * of ip addresses to the given client.
*/
struct auth_domain {
struct cache_head h;


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs