Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 16 Apr 2023 19:35:52 GMT
From:      Rick Macklem <rmacklem@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 89d197cc991a - main - RELNOTES: Add entries for two new NFS features
Message-ID:  <202304161935.33GJZq3b077180@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=89d197cc991acfbb6937be0ce5b9255d14b72160

commit 89d197cc991acfbb6937be0ce5b9255d14b72160
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-04-16 19:34:52 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-04-16 19:34:52 +0000

    RELNOTES: Add entries for two new NFS features
---
 RELNOTES | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/RELNOTES b/RELNOTES
index 9e099e29fe37..b13c0738f70b 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -10,6 +10,26 @@ newline.  Entries should be separated by a newline.
 
 Changes to this file should not be MFCed.
 
+896516e54a8c
+	Add a new "syskrb5" mount option for Kerberized NFSv4.1/4.2 mounts.
+	Without this patch, a Kerberized NFSv4.1/4.2 mount must provide
+	a Kerberos credential for the client at mount time.
+	This patch uses a feature of NFSv4.1/4.2 called SP4_NONE, which
+	allows the state maintenance operations to be performed by any
+	authentication mechanism, so that these operations may be done via
+	AUTH_SYS instead of RPCSEC_GSS (KerberosV).  As such, no Kerberos
+	credential is required at mount time.
+	See mount_nfs(8).
+
+330aa8acdec7,ff2f1f691cdb
+	Adds support for the SP4_MACH_CRED case for the
+	NFSv4.1/4.2 ExchangeID operation since the Linux
+	NFSv4.1/4.2 client is now using this for Kerberized mounts.
+	This change should only affect Kerberized NFSv4.1/4.2 mounts.
+	The Linux Kerberized NFSv4.1/4.2 mounts currently work without
+	support for this because Linux will fall back to SP4_NONE,
+	but there is no guarantee this fallback will work forever.
+
 7344856e3a6d and many others:
 	Add support so that nfsd(8), nfsuserd(8), mountd(8), gssd(8)
 	and rpc.tlsservd(8) can be run in an appropriately configured

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202304161935.33GJZq3b077180>