Date: Thu, 4 Jun 2009 11:55:28 -0400 (EDT) From: Rick Macklem <rmacklem@uoguelph.ca> To: Robert Watson <rwatson@FreeBSD.org> Cc: dfr@FreeBSD.org, Dmitry Marakasov <amdmi3@amdmi3.ru>, Michael Moll <kvedulv@kvedulv.de>, Wesley Shields <wxs@FreeBSD.org>, "Bjoern A. Zeeb" <bz@FreeBSD.org>, freebsd-current@FreeBSD.org, Jamie Gritton <jamie@FreeBSD.org> Subject: Re: Kernel panic when accessing ZFS-Filesystem via NFS Message-ID: <Pine.GSO.4.63.0906041150540.1867@muncher.cs.uoguelph.ca> In-Reply-To: <alpine.BSF.2.00.0906041148140.74158@fledge.watson.org> References: <20090601182012.GA21543@darkthrone.kvedulv.de> <20090603121307.GA15659@hades.panopticon> <20090603152810.GA21014@atarininja.org> <20090603160945.GC21014@atarininja.org> <20090603184215.L12292@maildrop.int.zabbadoz.net> <942C18EE-0453-4568-B835-8379966F0B8A@rabson.org> <alpine.BSF.2.00.0906041126510.74158@fledge.watson.org> <alpine.BSF.2.00.0906041148140.74158@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 4 Jun 2009, Robert Watson wrote: [good stuff snipped] > > Possibly we should actually add MAC and audit functions along similar lines, > and initialize cr_prison to &prison0 for the NFS creds? On the other hand, > if they may be used for network I/O, perhaps cr_prison and the others should > be initialized based on the context in which nfsd is started, so that it > takes on those security attributes. > The experimental server crdup()'s the credentials that nfsd has, but I have no idea if that's the correct thing to do? (and I've never done ZFS, so I don't know if that fixes the crashes, either). rick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.63.0906041150540.1867>