[Lustre-discuss] Block clients from mounting a Lustre filesystem
Andreas Dilger
adilger at sun.com
Mon Jul 27 12:53:02 PDT 2009
On Jul 27, 2009 12:01 +0200, Arne Wiebalck wrote:
> with versions <= 1.8.0.1 is there a more elegant way of blocking
> clients from mounting a Lustre fs than configuring IP tables accordingly?
I don't think there is any other easy way to do this. I believe LLNL
had a patch to essentially implement xinetd-like allow/deny inside the
LNET code, but I don't think it was merged.
> Is it correct that with versions >= 2.0 Kerberos will deliver this
> 'functionality' as I can enforce the client to authenticate (which
> it can't if I refused to give it keytab in the first place)?
Right, though Kerberos will not yet be a supported feature in 2.0.
Cheers, Andreas
--
Andreas Dilger
Sr. Staff Engineer, Lustre Group
Sun Microsystems of Canada, Inc.
More information about the lustre-discuss
mailing list