[lpi-discuss] Re (snip) more personal opinion (on NFS)

Matt Benjamin matt at linuxbox.com
Thu Oct 21 11:20:12 EDT 2004 

Bryan,

I take your general point, but I'm disagreeing with it, in so far as 
you're saying that distributed filesystems on Unix all look like NFS.  
They don't.  (I'm staying out of the CIFS quagmire.  You can have it.)  
Also insofar as you suggest we can wave away security concerns, all 
designs are equivalent.  They aren't.  Irrelevant how old the design is, 
except insofar as people are using something old and insecure.

Since you keep talking about mounting stuff, yes, the NFS exports 
approach probably is the natural way to map a remote filesystem into a 
Unix VFS, ie, allow a filesystem subtree from some server to be mounted 
where one likes in the standard filesystem hierarchy on some client.  Is 
it the only or the right way?  No.  A single namespace 
(/dfs/psu.edu/myvol) is a much better idea.  It's perfectly compatible 
with the Unix VFS, and used in several distributed filesystems on Unix 
(Linux).  This does not materially resemble NFS.  Most distributed 
filesystems break other "invariants" of Unix, eg, access controls, file 
locking, memory mapping, etc.  That's true of NFS, too--but not the same 
across filesystems.  There's wide variability there.  Wide deviation, 
also, from the subtree export concept, too--some distributed filesystems 
actually have a meaningful notion of what a volume is.

Yes, NFSv2-3 is basic, admins need to know it.  But the Unix wisdom that 
NFS is a security problem is out there because NFS security has been a 
real problem, even on local area networks.  You can't wave it away by 
talking about CIFS or VPNs.

Matt

Bryan J. Smith wrote:

>On Wed, 2004-10-20 at 20:47, Matt Benjamin wrote:
>  
>
>
>This discussion is not trival.  But the concepts presented on the LPIC-1
>exams _are_.  The NFS concepts are basic enough that they are not only
>applicable to NFS, but how UNIX/Linux platforms export and mount remote
>filesystems -- which was my general argument.
>
>  
>
-- 

Matt Benjamin

The Linux Box
206 South Fifth Ave. Suite 150
Ann Arbor, MI  48104

tel. 734-761-4689
fax. 734-769-8938
cel. 734-216-5309

More information about the lpi-discuss mailing list