Coda File System

Re: Coda+NFS

From: Ivan Popov <pin_at_math.chalmers.se>
Date: Tue, 8 Jul 2003 22:04:02 +0200 (MET DST)
On Tue, 8 Jul 2003, Jan Harkes wrote:

> > > > On Mon, Jul 07, 2003 at 10:45:47AM +0200, Dick Kniep wrote:
> >     I am sorry, but i don't understand in which combination (exactly)
> > i can use (safely) Coda with NFS.
>
> Well, the problem is mainly that the NFS 'layer' makes it impossible to
> use cfs and repair and such on the NFS clients. So as long as you stick
> to read-only operation it should be fine, but when you write anything
> there is a chance that there will be a conflict.

I think before allowing writes to Coda via NFS one has to solve the
problem to
1. give the NFS daemon suitable Coda credentials for each user
2. teach NFS daemon to switch identities according to user ids doing
   write requests
otherwise the NFS uid-bound unix permission checks will be unavailable.

That is going to be tricky, so it is hard to expect any "safe" Coda export
over NFS. Of course if it is one and only user possibly present on all
allowed NFS clients, it might work, but then all the things Jan wrote
about still apply.

Readonly Coda export via NFS should be "ok", but AFAIK it would work
_only_ with the user space daemon, and with the "reexport" flag.

Samba export of Coda might work better than NFS as the daemon needs a
password to establish an authenticated connection and hence can get the
corresponding tokens. We do it with DFS for the sake of some platforms and
it works fine (over stunnel to protect the clear text passwords).

Anyway a native Coda client is better.

My 2c,
--
Ivan
Received on 2003-07-08 16:05:44