On Fri, May 3, 2019 at 5:02 PM David Howells <dhowells(a)redhat.com> wrote:
Nico Kadel-Garcia <nkadel(a)gmail.com> wrote:
> > I really don't want to have to tell ordinary users that "you can't
use this
> > unless you first go and write some systemd scripting".
>
> If you're willing to take on the work to activate afs dependent
> structures and components, it becomes your responsibility to integrate
> it well.
By "you" are you referring to me personally, or anyone wanting to use the kafs
client?
Anyone willing to do the work.
If you're referring to someone wanting to just use the kafs
client, why should
they need to do anything other than install kafs-client? Say they're a
student at a university that has an already-existing AFS infrastructure. They
should just be able to install kafs-client, then they should immediately be
able access the infrastructure with no required local configuration, provided
the infrastructure includes DNS SRV or AFSDB records telling kafs where to
find the cell's Volume Location servers and appropriate kerberos servers.
Say they're not, and need some other distinct setup. If it's
standardized, as is seeming more apparent from the existing SELinux
hooks, OK. Perhaps it's worth adding to the FSH, if it's such a
standard usage?
But to some extent what you're describing is not the fault of
AFS, no matter
the client driver. Whatever is trawling the rootfs can observe the crossing
into a separate filesystem. I should make statx() set attributes to tell you
Not without getting the directory information about "/" to report
information about that unique node. You see the problem?
That's a bit out of date. See:
https://www.infradead.org/~dhowells/kafs/
https://www.infradead.org/~dhowells/kafs/todo.html
The pioctl thing is the most vexing bit. Linus point-blank refuses to let the
pioctl interface into the code, so I'm having to build in workarounds:
https://www.infradead.org/~dhowells/kafs/user_interface.html
David
I'd be inclined to take Linux's opinion over yours on the matter. Not
to question your personal expertise, but he's earned a lot of trust
for his successful authorship and insight in the Linux kernel. I'm
curious what AFS is providing over NFSv4 and autofs based mounts?