From 8efd28456db7fa68aabc355a8fc217430b5bf97a Mon Sep 17 00:00:00 2001
From: Jeff Darcy <jdarcy@redhat.com>
Date: Fri, 27 Apr 2012 11:36:57 -0400
Subject: Add server-side aux-GID resolution.

Change-Id: I09bcbfa41c7c31894ae35f24086bef2d90035ccc
BUG: 827457
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.com/3241
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
---
 xlators/nfs/server/src/nfs.c | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

(limited to 'xlators/nfs/server/src/nfs.c')

diff --git a/xlators/nfs/server/src/nfs.c b/xlators/nfs/server/src/nfs.c
index 6ed3614296f..ba63bcd7a8c 100644
--- a/xlators/nfs/server/src/nfs.c
+++ b/xlators/nfs/server/src/nfs.c
@@ -41,6 +41,10 @@
 #include "nfs-mem-types.h"
 #include "nfs3-helpers.h"
 #include "nlm4.h"
+#include "options.h"
+
+#define OPT_SERVER_AUX_GIDS             "nfs.server-aux-gids"
+#define OPT_SERVER_GID_CACHE_TIMEOUT    "nfs.server.aux-gid-timeout"
 
 /* Every NFS version must call this function with the init function
  * for its particular version.
@@ -730,6 +734,11 @@ nfs_init_state (xlator_t *this)
                 }
         }
 
+        GF_OPTION_INIT (OPT_SERVER_AUX_GIDS, nfs->server_aux_gids,
+                        bool, free_foppool);
+        GF_OPTION_INIT (OPT_SERVER_GID_CACHE_TIMEOUT,nfs->aux_gid_max_age,
+                        uint32, free_foppool);
+
         if (stat("/sbin/rpc.statd", &stbuf) == -1) {
                 gf_log (GF_NFS, GF_LOG_WARNING, "/sbin/rpc.statd not found. "
                         "Disabling NLM");
@@ -818,6 +827,9 @@ init (xlator_t *this) {
                 goto err;
         }
 
+        LOCK_INIT(&nfs->aux_gid_lock);
+        nfs->aux_gid_nbuckets = AUX_GID_CACHE_BUCKETS;
+
         gf_log (GF_NFS, GF_LOG_INFO, "NFS service started");
 err:
 
@@ -1223,6 +1235,24 @@ struct volume_options options[] = {
                          "Needed by Solaris NFS clients if NLM support is"
                          "needed"
         },
+        { .key = {OPT_SERVER_AUX_GIDS},
+          .type = GF_OPTION_TYPE_BOOL,
+          .default_value = "off",
+          .description = "Let the server look up which groups a user belongs "
+                         "to, overwriting the list passed from the client. "
+                         "This enables support for group lists longer than "
+                         "can be passed through the NFS protocol, but is not "
+                         "secure unless users and groups are well synchronized "
+                         "between clients and servers."
+        },
+        { .key = {OPT_SERVER_GID_CACHE_TIMEOUT},
+          .type = GF_OPTION_TYPE_INT,
+          .min = 0,
+          .max = 3600,
+          .default_value = "5",
+          .description = "Number of seconds to cache auxiliary-GID data, when "
+                         OPT_SERVER_AUX_GIDS " is set."
+        },
 
         { .key  = {NULL} },
 };
-- 
cgit