From owner-freebsd-current@FreeBSD.ORG Mon Nov 16 16:37:36 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E96B410656A4 for ; Mon, 16 Nov 2009 16:37:36 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from esa-annu.mail.uoguelph.ca (esa-annu.mail.uoguelph.ca [131.104.91.36]) by mx1.freebsd.org (Postfix) with ESMTP id 93F7B8FC25 for ; Mon, 16 Nov 2009 16:37:36 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApoEAPIOAUuDaFvJ/2dsb2JhbADWeIQ8BIFt X-IronPort-AV: E=Sophos;i="4.44,752,1249272000"; d="scan'208";a="54079247" Received: from ganges.cs.uoguelph.ca ([131.104.91.201]) by esa-annu-pri.mail.uoguelph.ca with ESMTP; 16 Nov 2009 11:37:26 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by ganges.cs.uoguelph.ca (Postfix) with ESMTP id 0066AFB80A4; Mon, 16 Nov 2009 11:37:25 -0500 (EST) X-Virus-Scanned: amavisd-new at ganges.cs.uoguelph.ca Received: from ganges.cs.uoguelph.ca ([127.0.0.1]) by localhost (ganges.cs.uoguelph.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tb2+lUoj9QXh; Mon, 16 Nov 2009 11:37:25 -0500 (EST) Received: from muncher.cs.uoguelph.ca (muncher.cs.uoguelph.ca [131.104.91.102]) by ganges.cs.uoguelph.ca (Postfix) with ESMTP id 1A0A6FB80A6; Mon, 16 Nov 2009 11:37:25 -0500 (EST) Received: from localhost (rmacklem@localhost) by muncher.cs.uoguelph.ca (8.11.7p3+Sun/8.11.6) with ESMTP id nAGGjHU08426; Mon, 16 Nov 2009 11:45:17 -0500 (EST) X-Authentication-Warning: muncher.cs.uoguelph.ca: rmacklem owned process doing -bs Date: Mon, 16 Nov 2009 11:45:17 -0500 (EST) From: Rick Macklem X-X-Sender: rmacklem@muncher.cs.uoguelph.ca To: =?utf-8?B?R2Vycml0IEvDvGhu?= In-Reply-To: <20091116171527.0b44bae8.gerrit@pmp.uni-hannover.de> Message-ID: References: <20091112182414.cebec1df.gerrit@pmp.uni-hannover.de> <20091113103626.414acdbc.gerrit@pmp.uni-hannover.de> <20091116112631.e8733905.gerrit@pmp.uni-hannover.de> <20091116171527.0b44bae8.gerrit@pmp.uni-hannover.de> MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="-559023410-851401618-1258389917=:7499" Cc: freebsd-current@freebsd.org Subject: Re: nfsv4 FreeBSD server vs. Linux client I/O error X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Nov 2009 16:37:37 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. ---559023410-851401618-1258389917=:7499 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN; format=flowed Content-Transfer-Encoding: QUOTED-PRINTABLE On Mon, 16 Nov 2009, Gerrit K=C3=BChn wrote: > > Not for me, I do not need the feature. I was only thinking about it > because the better security of nfsv4 is easily gotten around when you > allow for the old v3 mounts in parallel. > You can use the "sec=3D" export option to restrict mount points to only allowing Kerberos (this works for NFSv3 as well as NFSv4) and is what will give you better security. (It's not an NFSv4 specific feature, it just happens to be required by the NFSv4 RFC.) rick ---559023410-851401618-1258389917=:7499--