(Illustration by Gaich Muramatsu)
On Tue, 8 Jul 2003, Jan Harkes wrote: > > > > On Mon, Jul 07, 2003 at 10:45:47AM +0200, Dick Kniep wrote: > > I am sorry, but i don't understand in which combination (exactly) > > i can use (safely) Coda with NFS. > > Well, the problem is mainly that the NFS 'layer' makes it impossible to > use cfs and repair and such on the NFS clients. So as long as you stick > to read-only operation it should be fine, but when you write anything > there is a chance that there will be a conflict. I think before allowing writes to Coda via NFS one has to solve the problem to 1. give the NFS daemon suitable Coda credentials for each user 2. teach NFS daemon to switch identities according to user ids doing write requests otherwise the NFS uid-bound unix permission checks will be unavailable. That is going to be tricky, so it is hard to expect any "safe" Coda export over NFS. Of course if it is one and only user possibly present on all allowed NFS clients, it might work, but then all the things Jan wrote about still apply. Readonly Coda export via NFS should be "ok", but AFAIK it would work _only_ with the user space daemon, and with the "reexport" flag. Samba export of Coda might work better than NFS as the daemon needs a password to establish an authenticated connection and hence can get the corresponding tokens. We do it with DFS for the sake of some platforms and it works fine (over stunnel to protect the clear text passwords). Anyway a native Coda client is better. My 2c, -- IvanReceived on 2003-07-08 16:05:44