Manualshelf

NFS Services Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
21222324252627282930
Introduction
New Features in NFS
Chapter 122
The server evaluates and processes operations sequentially. If an
error is encountered, it is returned by the server for the entire
procedure up to the first operation that causes the error.
The NFSv4 protocol design enables NFS developers to add new
operations that are based on IETF specifications.
Delegation
In NFSv4, the server can delegate certain responsibilities to the
client. Delegation enables a client to locally service operations, such
as OPEN, CLOSE, LOCK, LOCKU, READ, and WRITE, without
immediate interactions with the server.
The server grants either a READ or a WRITE delegation to a client
at OPEN. After the delegation is granted, the client can perform all
operations locally.
Delegations can be revoked by the server. If another client requests
incompatible access to the file, the server revokes the delegation.
Once the delegation is returned, the other client can access the file.
WARNING Delegations are disabled, by default. If delegations are
enabled, delegations are only supported by applications that
access the delegated files remotely. Local access is not
protected until a future release of HP-UX. Allowing local
access and enabling delegation on a file can corrupt it.
Built-In Security
In NFSv4, the built-in security feature enables the RPC layer to use
different security mechanisms. You can specify a different security
policy for each filesystem. The server and the clients can negotiate
supported security flavors on a per filesystem basis.
NFSv4 uses the RPCSEC_GSS framework for authentication,
integrity, and privacy. This framework enables the RPC protocols to
access the Generic Security Services Application Programming
Interface (GSS-API).
The RPCSEC_GSS/GSS-API security framework is extensible.
However, the new security flavors, whenever added, must conform to
the GSS-API model.