exportfs: Fix the default authentication flavour setting

Commit 11ba3b1e01b67b7d19f26fba94fabdb60878e809 (Add a default flavor
to an export's e_secinfo list) breaks the ordering of security flavours
in the secinfo list, by reordering 'sec=sys' to always be the first
secinfo flavour if one fails to set a default 'sec' setting.

An export of the form:

/export -sync,no_subtree_check,mp \
           192.168.1.0/24(sec=krb5p:krb5i:krb5,rw,sec=sys,ro)

ends up getting translated by exportfs into the following entry in
/var/lib/nfs/etab:

/export	192.168.1.0/24(ro,sync,wdelay,hide,nocrossmnt,\
                       secure,root_squash,no_all_squash,\
		       no_subtree_check,secure_locks,acl,\
		       mountpoint,anonuid=65534,anongid=65534,\
		       sec=sys,ro,root_squash,no_all_squash,\
		       sec=krb5p:krb5i:krb5,rw,root_squash,no_all_squash)

Note how the 'sec=sys' is now listed first...

The fix is to defer adding the default flavour until the call to
secinfo_show, when we can see if it is even needed at all.
With the patch, the above export is now correctly entered in
/var/lib/nfs/etab as:

/export	192.168.1.0/24(ro,sync,wdelay,hide,nocrossmnt,\
			secure,root_squash,no_all_squash,\
			no_subtree_check,secure_locks,acl,\
			mountpoint,anonuid=65534,anongid=65534,\
			sec=krb5p:krb5i:krb5,rw,root_squash,no_all_squash,\
			sec=sys,ro,root_squash,no_all_squash)

Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>

0 files changed, 0 insertions, 0 deletions