[Lustre-devel] GSS cross-realm broken in lsvcgssd
Eric Mei
Eric.Mei at Sun.COM
Fri Jun 20 09:13:52 PDT 2008
Hello Ben,
Benjamin Bennett wrote:
> lsvcgssd from the current HEAD refuses all remote-realm principals, the
> culprit is get_ids() in lustre/utils/gss/svcgssd_proc.c
>
> In the previous revision (1.4):
> MDS accepts remote principals with mapping to local user.
> OSS accepts remote "lustre_root at SOMEREALM" principals.
> Any other remote principals are logged as unmapped and failed.
>
> In the current revision (1.5, since Jan):
> MDS fails all remote principals.
> OSS fails all remote principals.
> Unmapped remote principals are logged, mapped are not.
>
> The attached patch (against 1.5):
> Restores previous MDS behavior of accepting remote principals with
> mapping to local user.
> Modifies OSS behavior to accept remote "lustre_root at SOMEREALM" and
> "lustre_root/hostname at SOMEREALM" principals.
> Fixes logging errors in get_ids().
We didn't really tested cross-realm cases. The patch looks great, we'll
merge it into our CVS asap. Thanks a lot!
--
Eric
More information about the lustre-devel
mailing list