From owner-freebsd-fs@FreeBSD.ORG Mon Apr 2 15:22:39 2007 Return-Path: X-Original-To: freebsd-fs@freebsd.org Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id F3C3016A401 for ; Mon, 2 Apr 2007 15:22:38 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from dargo.cs.uoguelph.ca (dargo.cs.uoguelph.ca [131.104.94.197]) by mx1.freebsd.org (Postfix) with ESMTP id A2AC113C469 for ; Mon, 2 Apr 2007 15:22:38 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from muncher.cs.uoguelph.ca (muncher.cs.uoguelph.ca [131.104.96.170]) by dargo.cs.uoguelph.ca (8.13.1/8.13.1) with ESMTP id l32EMZi4025354; Mon, 2 Apr 2007 10:22:35 -0400 Received: from localhost (rmacklem@localhost) by muncher.cs.uoguelph.ca (8.11.7p1+Sun/8.11.6) with ESMTP id l32ENrS02776; Mon, 2 Apr 2007 10:23:53 -0400 (EDT) X-Authentication-Warning: muncher.cs.uoguelph.ca: rmacklem owned process doing -bs Date: Mon, 2 Apr 2007 10:23:53 -0400 (EDT) From: Rick Macklem X-X-Sender: rmacklem@muncher To: Jim Rees In-Reply-To: <20070402140030.GA16107@citi.umich.edu> Message-ID: References: <1175481486.39754.2.camel@jill.exit.com> <20070402120048.GA19688@citi.umich.edu> <1175520945.44258.8.camel@jill.exit.com> <20070402140030.GA16107@citi.umich.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Scanned-By: MIMEDefang 2.57 on 131.104.94.197 Cc: freebsd-fs@freebsd.org Subject: Re: NFS4 on FreeBSD? X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2007 15:22:39 -0000 On Mon, 2 Apr 2007, Jim Rees wrote: > Frank Mayhar wrote: > > Hmm. It was my impression that the rpcsec_gss stuff was only for NFS4. > I take it that my impression was wrong? (I guess I had better double- > check and make sure that it's really NFS4 that is needed, and not > kerberized NFS3.) > > That's correct, but there is an earlier non-gss kerberized v3 protocol. I > believe at one time there were implementations in bsd and linux, but these > are being removed for lack of interest and to push people to v4. I can't > find any traces of it in FreeBSD but parts of it are still in OpenBSD. I > have never used it and don't know if it works. That was ancient code that I did for 4.4BSD and was never adopted by anyone. When people refer to Kerberized NFSv3 these days, they are using the same RPCSEC_GSS code that NFSv4 adopted. This is in Solaris10 and I believe that current versions of Linux2.6 might have the v3 support as well as v4. (As far as I know, the only difference between using RPCSEC_GSS/krb5 on v4 vs v3 is the mount protocol and, at least Solaris10, will allow the mount protocol to use AUTH_SYS for a sec=krb5 mount.) So, if you find a Kerberized NFSv3 it will probably support NFSv4 as well. rick