diff options
author | Neil Brown <neilb@cse.unsw.edu.au> | 2005-03-30 16:57:45 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-03-30 16:57:45 -0800 |
commit | b32f810ad9fd334b08e8efd027681cbdf75d3590 (patch) | |
tree | 0a73ff83186bd25ba65a49be22fabdddeba8776f | |
parent | b5ab2d0eda4619133d683a6794443a5dfde73758 (diff) | |
download | history-b32f810ad9fd334b08e8efd027681cbdf75d3590.tar.gz |
[PATCH] svcrpc: auth_domain documentation
The use of auth_domains is somewhat confusing, in part because they were
originally intended to be used in a more general way than they currently are.
Update the documentation a little with an eye towards how it's currently used.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | include/linux/sunrpc/svcauth.h | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/include/linux/sunrpc/svcauth.h b/include/linux/sunrpc/svcauth.h index 29a1b14bb218bd..c119ce7cbd22ae 100644 --- a/include/linux/sunrpc/svcauth.h +++ b/include/linux/sunrpc/svcauth.h @@ -26,21 +26,23 @@ struct svc_cred { struct svc_rqst; /* forward decl */ /* Authentication is done in the context of a domain. - * For a server, a domain represents a group of clients using + * + * Currently, the nfs server uses the auth_domain to stand + * for the "client" listed in /etc/exports. + * + * More generally, a domain might represent a group of clients using * a common mechanism for authentication and having a common mapping * between local identity (uid) and network identity. All clients * in a domain have similar general access rights. Each domain can * contain multiple principals which will have different specific right * based on normal Discretionary Access Control. * - * For a client, a domain represents a number of servers which all - * use a common authentication mechanism and network identity name space. - * * A domain is created by an authentication flavour module based on name * only. Userspace then fills in detail on demand. * - * The creation of a domain typically implies creation of one or - * more caches for storing domain specific information. + * In the case of auth_unix and auth_null, the auth_domain is also + * associated with entries in another cache representing the mapping + * of ip addresses to the given client. */ struct auth_domain { struct cache_head h; |