Project

General

Profile

Feature #5296

Support for more than 16 groups with AUTH_SYS

Added by Marcel Telka almost 6 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
nfs - NFS server and client
Start date:
2014-11-07
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description


Related issues

Related to illumos gate - Feature #4943: NFS server: Generic uid and gid remapping for AUTH_SYSClosedMarcel Telka2014-06-27

Actions
Related to illumos gate - Bug #5436: Panic due to bad mutex, from auth_cache being previously freedClosedMarcel Telka2014-12-15

Actions
Related to illumos gate - Bug #5440: bad free at checkauth+0x1a2()ClosedMarcel Telka2014-12-17

Actions
Related to illumos gate - Bug #6458: nfsauth_cache_get() deadlock with kmem reap threadClosedMarcel Telka2015-11-16

Actions
Related to illumos gate - Bug #6770: nfsauth_retrieve() flood caused by NFS clients with personal identity problemsClosedMarcel Telka2016-03-20

Actions
#1

Updated by Marcel Telka almost 6 years ago

The implementation will use similar architecture as it was used for the uidmap/gidmap implementation (#4943). When the incoming AUTH_SYS credential will contain 16 groups, and the ngroups_max is set to more than 16, the in-kernel NFS server will ask mountd using the local nfsauth protocol (via doors) for the additional groups. The mountd will consult nss services to obtain the complete list of groups for the particular user and pass them back down to kernel.

#2

Updated by Electric Monk almost 6 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 0 to 100

git commit 89621fe174cf95ae903df6ceab605bf24d696ac3

commit  89621fe174cf95ae903df6ceab605bf24d696ac3
Author: Marcel Telka <marcel.telka@nexenta.com>
Date:   2014-11-25T20:31:18.000Z

    5296 Support for more than 16 groups with AUTH_SYS
    Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
    Reviewed by: Josef 'Jeff' Sipek <josef.sipek@nexenta.com>
    Approved by: Richard Lowe <richlowe@richlowe.net>

#3

Updated by Marcel Telka almost 5 years ago

  • Related to Bug #6458: nfsauth_cache_get() deadlock with kmem reap thread added
#4

Updated by Marcel Telka over 4 years ago

  • Related to Bug #6770: nfsauth_retrieve() flood caused by NFS clients with personal identity problems added

Also available in: Atom PDF