[1/2] NFS: Attempt AUTH_UNIX style mount before guessing authflavors
diff mbox

Message ID 4DA4AA4D.2060702@netapp.com
State New, archived
Headers show

Commit Message

Bryan Schumaker April 12, 2011, 7:38 p.m. UTC
If an AUTH_UNIX mount returns -EPERM, we guess the authflavor needed
to perform the mount.

Signed-off-by: Bryan Schumaker <bjschuma@netapp.com>
---
 fs/nfs/nfs4proc.c |   26 +++++++++++++++++---------
 1 files changed, 17 insertions(+), 9 deletions(-)

Comments

Trond Myklebust April 12, 2011, 7:54 p.m. UTC | #1
On Tue, 2011-04-12 at 15:38 -0400, Bryan Schumaker wrote:
> If an AUTH_UNIX mount returns -EPERM, we guess the authflavor needed
> to perform the mount.
> 
> Signed-off-by: Bryan Schumaker <bjschuma@netapp.com>
> ---
>  fs/nfs/nfs4proc.c |   26 +++++++++++++++++---------
>  1 files changed, 17 insertions(+), 9 deletions(-)
> 
> diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
> index 8a03ee0..7e27ebf 100644
> --- a/fs/nfs/nfs4proc.c
> +++ b/fs/nfs/nfs4proc.c
> @@ -2208,19 +2208,15 @@ out:
>  	return ret;
>  }
>  
> -/*
> - * get the file handle for the "/" directory on the server
> - */
> -static int nfs4_proc_get_root(struct nfs_server *server, struct nfs_fh *fhandle,
> +static int nfs4_find_root_sec(struct nfs_server *server, struct nfs_fh *fhandle,
>  			      struct nfs_fsinfo *info)
>  {
>  	int i, len, status = 0;
> -	rpc_authflavor_t flav_array[NFS_MAX_SECFLAVORS + 2];
> +	rpc_authflavor_t flav_array[NFS_MAX_SECFLAVORS];
>  
> -	flav_array[0] = RPC_AUTH_UNIX;
> -	len = gss_mech_list_pseudoflavors(&flav_array[1]);
> -	flav_array[1+len] = RPC_AUTH_NULL;
> -	len += 2;
> +	len = gss_mech_list_pseudoflavors(&flav_array[0]);
> +	flav_array[len] = RPC_AUTH_NULL;
> +	len += 1;
>  
>  	for (i = 0; i < len; i++) {
>  		status = nfs4_lookup_root_sec(server, fhandle, info, flav_array[i]);
> @@ -2228,6 +2224,18 @@ static int nfs4_proc_get_root(struct nfs_server *server, struct nfs_fh *fhandle,
>  			continue;
>  		break;
>  	}
> +	return status;
> +}
> +
> +/*
> + * get the file handle for the "/" directory on the server
> + */
> +static int nfs4_proc_get_root(struct nfs_server *server, struct nfs_fh *fhandle,
> +			      struct nfs_fsinfo *info)
> +{
> +	int status = nfs4_lookup_root(server, fhandle, info);
> +	if (status == -EPERM)
> +		status = nfs4_find_root_sec(server, fhandle, info);
>  	if (status == 0)
>  		status = nfs4_server_capabilities(server, fhandle);
>  	if (status == 0)

Wait. This is still wrong.

What if I have specified 'sec=krb5p' on my 'mount' command line?

Patch
diff mbox

diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 8a03ee0..7e27ebf 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -2208,19 +2208,15 @@  out:
 	return ret;
 }
 
-/*
- * get the file handle for the "/" directory on the server
- */
-static int nfs4_proc_get_root(struct nfs_server *server, struct nfs_fh *fhandle,
+static int nfs4_find_root_sec(struct nfs_server *server, struct nfs_fh *fhandle,
 			      struct nfs_fsinfo *info)
 {
 	int i, len, status = 0;
-	rpc_authflavor_t flav_array[NFS_MAX_SECFLAVORS + 2];
+	rpc_authflavor_t flav_array[NFS_MAX_SECFLAVORS];
 
-	flav_array[0] = RPC_AUTH_UNIX;
-	len = gss_mech_list_pseudoflavors(&flav_array[1]);
-	flav_array[1+len] = RPC_AUTH_NULL;
-	len += 2;
+	len = gss_mech_list_pseudoflavors(&flav_array[0]);
+	flav_array[len] = RPC_AUTH_NULL;
+	len += 1;
 
 	for (i = 0; i < len; i++) {
 		status = nfs4_lookup_root_sec(server, fhandle, info, flav_array[i]);
@@ -2228,6 +2224,18 @@  static int nfs4_proc_get_root(struct nfs_server *server, struct nfs_fh *fhandle,
 			continue;
 		break;
 	}
+	return status;
+}
+
+/*
+ * get the file handle for the "/" directory on the server
+ */
+static int nfs4_proc_get_root(struct nfs_server *server, struct nfs_fh *fhandle,
+			      struct nfs_fsinfo *info)
+{
+	int status = nfs4_lookup_root(server, fhandle, info);
+	if (status == -EPERM)
+		status = nfs4_find_root_sec(server, fhandle, info);
 	if (status == 0)
 		status = nfs4_server_capabilities(server, fhandle);
 	if (status == 0)