I just committed a set of changes to efs-utils, specifically efs_virtual_machine, that adds the necessary configuration changes to enable the use of NFSv4 in the test.efs setup. Over the next couple of weeks, I will be working on the hard part: changes to efs-core.
i don't think this is going to be all that hard, to be honest, certainly not compared to trying to support OpenAFS (which remains partially complete). However, I will be branching off of the openafs branch, simply because I already added a bunch of switches to handle the nfs3/nfs4/afs cases in numerous places throughout the code. The first thing I'm going to do is ensure that the existing branch passes the full test suite when using NFSv3, and then I'll focus on the NFSv4 changes. I won't merge this new branch into master until I have verified that is works for *both* the (soon to be legacy) NFSv3 mode, as well as NFSv4. OpenAFS? That's going to have to wait for someone who actually wants it to champion it, and then I'll consider investing some of my time into it. My strategy is very simple, really. I'm looking to improve security dramatically by no longer running efsd as root, but as the efsops user instead. I don't think we need root for *anything* anymore, since we should be able to use NFSv4 ACLs to control all access to the filesystem. The headaches will come when we try to make this work for different platforms, other than RHEL5, simply because the NFSv4 implementation varies significantly from one platform to the next. In any event, I am working on this full time again, and have made a LOT of progress demystifying NFSv4 this week. Once you get it working, it's not that hard to deal with, but getting to that point is a challenge, simply because of the lack of good tutorials and overviews on the subject. Most of what's out there is very dated or incomplete, and again the platform specific variations make it difficult.
_______________________________________________ EFS-dev mailing list [email protected] http://mailman.openefs.org/mailman/listinfo/efs-dev
