Date: Mon, 11 Oct 2004 11:33:25 +0100 From: "Jamie Heckford" <jamie@tridentmicrosystems.co.uk> To: <freebsd-questions@freebsd.org> Cc: rwatson@freebsd.org Subject: RE: Mixing fBSD 4 and 5 - NFS ACL's Message-ID: <099D8730F34B9A41B598D18F763555FA09E94C@exchange.trident-uk.co.uk>
next in thread | raw e-mail | index | archive | help
Thanks Matt, I'll have a look at GEOM gate but will most likely have to wait for the NFS support. If anyone needs any help testing the NFS Server work I'll be more than happy. Jamie=20 -----Original Message----- From: Matthew Seaman [mailto:m.seaman@infracaninophile.co.uk]=20 Sent: 11 October 2004 11:10 To: Jamie Heckford Cc: freebsd-questions@freebsd.org Subject: Re: Mixing fBSD 4 and 5 - NFS ACL's On Mon, Oct 11, 2004 at 10:45:07AM +0100, Jamie Heckford wrote: > I need to use the new ACL feature on one of our servers..... However=20 > the data doesn't reside on the server that its being served from it is > mounted via NFS. >=20 > Im guessing I will need to install fBSD5 on the two servers I want to=20 > use ACL on, but will the other fBSD4 servers still be able to use NFS=20 > ok (they don't need to use ACL)?? >=20 > Guess the question is can fBSD4 machines use fBSD5 NFS servers ok, and > also, how stable is / does ACL even work between to fBSD5 machines=20 > using NFS? See http://lists.freebsd.org/pipermail/freebsd-current/2004-October/039747.h tml under the 'Desired Features for 5.3-RELEASE' section: | | | | Currently, MAC | | | | | protections are | | | | | enforced only on | | | | | locally originated | | | | | file system | | | | | operations (VOPs), | | | | | and not on RPCs | | | | | generated via the | | | | | NFS server. | | MAC support for | | | Improvements in NFS | | NFS Server | Not done | Robert Watson | server credential | | | | | handling are | | | | | required to correct | | | | | this problem, as | | | | | well as the | | | | | introduction of new | | | | | entry points to | | | | | properly label NFS | | | | | credentials and | | | | | perform enforcement | | | | | properly. | So the only possibility for ACL support over NFS is going to be a 5.x release, but seeing as it hasn't been included yet, probably not 5.3-RELEASE. One possible route around that would be to use GEOM Gate -- that's a system rather like iSCSI or Linux's DRDB, where the server exports a disk device, rather than a filesystem. This is a standard part of 5.x now, and will be in 5.3-RELEASE, but it's still very new, so test carefully before putting it onto important servers. See:=20 =20 http://lists.freebsd.org/pipermail/freebsd-current/2004-May/026768.html =20 http://www.freebsd.org/cgi/man.cgi?query=3Dggatec&apropos=3D0&sektion=3D0= &manp ath=3DFreeBSD+6.0-current&format=3Dhtml =20 http://www.freebsd.org/cgi/man.cgi?query=3Dggated&apropos=3D0&sektion=3D0= &manp ath=3DFreeBSD+6.0-current&format=3Dhtml =20 http://www.freebsd.org/cgi/man.cgi?query=3Dggatel&apropos=3D0&sektion=3D0= &manp ath=3DFreeBSD+6.0-current&format=3Dhtml A FreeBSD 4.x machine should quite happily use a 5.x machine as a NFS server. FreeBSD 4.x has no support for GEOM Gate though. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?099D8730F34B9A41B598D18F763555FA09E94C>