[linux-cifs-client] [RFC PATCH] CIFS posix acl permission checking
simo
idra at samba.org
Fri Mar 12 05:35:42 MST 2010
On Fri, 2010-03-12 at 13:23 +0100, Volker Lendecke wrote:
> On Fri, Mar 12, 2010 at 07:18:32AM -0500, Jeff Layton wrote:
> > > But what's the alternative? Let NFS go and do that piece
> > > better forever? :-)
> > >
> > > Volker
> >
> > Establish sessions as needed, based on a user's own credentials and
> > have the kernel use that session/tcon combinaton instead of those
> > established at mount time. My goal is to have a prototype of this to
> > present at SambaXP, but I may have an initial set of patches in the
> > next few weeks.
>
> Ok, then we rule out batch machines where there are no user
> credentials. NFS does this fine. I know this is REALLY ugly,
> but I have customers who need this. If you have a good
> solution for that problem, I would really be happy to hear
> this. Something like constrained delegation in Kerberos to
> me sounds pretty much like the exact same hack in a
> different place.
The solution in those case is probably S4U2PROXY, or NFS.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
More information about the linux-cifs-client
mailing list