True. Also, note that you can configure the location of the client's keytab via the server using '-c' option in the protocol directive. Andy On Tue, 3 May 2011, Yang, Wei wrote: > Well, the current "well known" place in "sss" module itself is $HIOME/.xrd/sss.keytab. I can put another "well known" location in xrootdfs if appropriate. > > regards, > Wei Yang | [log in to unmask] | 650-926-3338(O) > > > On May 3, 2011, at 12:06 PM, Andrew Hanushevsky wrote: > >> I agree. The keyfile can be in a well known place. For those who cannot >> tolerate (or comply) to using the well known place they could specify it >> on the command line. As it is, the keyfile should only be readable by the >> user running as xrootdfs (sss refuses to use the keyfile if that isn't the >> case). Practically, all such sensitive information is already publicly >> known (e.g. kerberos ticket location). So, adding a veil of obscurity >> probably isn't going to help much. >> >> Andy >> >> On Tue, 3 May 2011, Doug BENJAMIN wrote: >> >>> Hi, >>> >>> I am not really sure that it is a good idea to have the reference to key >>> file. What if the key file had a standard name >>> and was in /var/spool/xrootd/ ... >>> Doug >>> >>> Yang, Wei wrote: >>>> Hi Brian, Lukasz, >>>> >>>> Everything can be passed as command line parameters except the "sss" key >>>> file. I don't want to list the key file in the command line and invite >>>> other to hack on it. Of course, this can all be changed if the concern >>>> isn't valid. >>>> >>>> regards, >>>> Wei Yang | [log in to unmask] | 650-926-3338(O) >>>> >>>> >>>> On May 3, 2011, at 6:17 AM, Brian Bockelman wrote: >>>> >>>> >>>>> Hi Wei, >>>>> >>>>> Integrating with fstab is pretty easy. For example, you add a line like >>>>> this to /etc/fstab: >>>>> >>>>> hdfs /mnt/hadoop fuse >>>>> server=hadoop-name,port=9000,rdbuffer=32768,allow_other 0 0 >>>>> >>>>> In general, >>>>> >>>>> PROG_NAME MOUNT_POINT fuse OPTIONS 0 0 >>>>> >>>>> Then, fuse will execute the following: >>>>> >>>>> /usr/bin/$PROG_NAME $MOUNT_POINT $OPTIONS >>>>> >>>>> In my case, it was: >>>>> >>>>> /usr/bin/hdfs /mnt/hadoop -o >>>>> rw,server=hadoop-name,port=9000,rdbuffer=32768,allow_other >>>>> >>>>> Brian >>>>> >>>>> On May 3, 2011, at 12:39 AM, Yang, Wei wrote: >>>>> >>>>> >>>>>> think about it again, I think if we put it in fstab, it will probably >>>>>> hard to define those xrootdfs and/or fuse options and env vars. I tried >>>>>> fstab before and will take a look at it again. For now it is probably >>>>>> easier to just use a init.d script. >>>>>> >>>>>> regards, >>>>>> Wei Yang | [log in to unmask] | 650-926-3338(O) >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On May 2, 2011, at 1:48 PM, Brian Bockelman wrote: >>>>>> >>>>>> >>>>>>> Follow-up Comment #1, bug #81761 (project xrootd): >>>>>>> >>>>>>> Wait - >>>>>>> Isn't xrootdfs the fuse mount for xrootd? Why not just make it >>>>>>> compatible >>>>>>> with fstab? This is the approach we took with HDFS. >>>>>>> As a sysadmin, I would prefer the fstab approach. Creating an init >>>>>>> script to >>>>>>> mount filesystems seems to go in the wrong direction. >>>>>>> >>>>>>> Brian >>>>>>> >>>>>>> _______________________________________________________ >>>>>>> >>>>>>> Reply to this item at: >>>>>>> >>>>>>> <http://savannah.cern.ch/bugs/?81761> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Message sent via/by LCG Savannah >>>>>>> http://savannah.cern.ch/ >>>>>>> >>>>>>> >>>> >>>> > >