2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-21 11:44:01 +08:00
linux-next/fs/nfs/Kconfig
Iulia Manda 2813893f8b kernel: conditionally support non-root users, groups and capabilities
There are a lot of embedded systems that run most or all of their
functionality in init, running as root:root.  For these systems,
supporting multiple users is not necessary.

This patch adds a new symbol, CONFIG_MULTIUSER, that makes support for
non-root users, non-root groups, and capabilities optional.  It is enabled
under CONFIG_EXPERT menu.

When this symbol is not defined, UID and GID are zero in any possible case
and processes always have all capabilities.

The following syscalls are compiled out: setuid, setregid, setgid,
setreuid, setresuid, getresuid, setresgid, getresgid, setgroups,
getgroups, setfsuid, setfsgid, capget, capset.

Also, groups.c is compiled out completely.

In kernel/capability.c, capable function was moved in order to avoid
adding two ifdef blocks.

This change saves about 25 KB on a defconfig build.  The most minimal
kernels have total text sizes in the high hundreds of kB rather than
low MB.  (The 25k goes down a bit with allnoconfig, but not that much.

The kernel was booted in Qemu.  All the common functionalities work.
Adding users/groups is not possible, failing with -ENOSYS.

Bloat-o-meter output:
add/remove: 7/87 grow/shrink: 19/397 up/down: 1675/-26325 (-24650)

[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Iulia Manda <iulia.manda21@gmail.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Acked-by: Geert Uytterhoeven <geert@linux-m68k.org>
Tested-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Reviewed-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-04-15 16:35:22 -07:00

203 lines
5.9 KiB
Plaintext

config NFS_FS
tristate "NFS client support"
depends on INET && FILE_LOCKING && MULTIUSER
select LOCKD
select SUNRPC
select NFS_ACL_SUPPORT if NFS_V3_ACL
help
Choose Y here if you want to access files residing on other
computers using Sun's Network File System protocol. To compile
this file system support as a module, choose M here: the module
will be called nfs.
To mount file systems exported by NFS servers, you also need to
install the user space mount.nfs command which can be found in
the Linux nfs-utils package, available from http://linux-nfs.org/.
Information about using the mount command is available in the
mount(8) man page. More detail about the Linux NFS client
implementation is available via the nfs(5) man page.
Below you can choose which versions of the NFS protocol are
available in the kernel to mount NFS servers. Support for NFS
version 2 (RFC 1094) is always available when NFS_FS is selected.
To configure a system which mounts its root file system via NFS
at boot time, say Y here, select "Kernel level IP
autoconfiguration" in the NETWORK menu, and select "Root file
system on NFS" below. You cannot compile this file system as a
module in this case.
If unsure, say N.
config NFS_V2
tristate "NFS client support for NFS version 2"
depends on NFS_FS
default y
help
This option enables support for version 2 of the NFS protocol
(RFC 1094) in the kernel's NFS client.
If unsure, say Y.
config NFS_V3
tristate "NFS client support for NFS version 3"
depends on NFS_FS
default y
help
This option enables support for version 3 of the NFS protocol
(RFC 1813) in the kernel's NFS client.
If unsure, say Y.
config NFS_V3_ACL
bool "NFS client support for the NFSv3 ACL protocol extension"
depends on NFS_V3
help
Some NFS servers support an auxiliary NFSv3 ACL protocol that
Sun added to Solaris but never became an official part of the
NFS version 3 protocol. This protocol extension allows
applications on NFS clients to manipulate POSIX Access Control
Lists on files residing on NFS servers. NFS servers enforce
ACLs on local files whether this protocol is available or not.
Choose Y here if your NFS server supports the Solaris NFSv3 ACL
protocol extension and you want your NFS client to allow
applications to access and modify ACLs on files on the server.
Most NFS servers don't support the Solaris NFSv3 ACL protocol
extension. You can choose N here or specify the "noacl" mount
option to prevent your NFS client from trying to use the NFSv3
ACL protocol.
If unsure, say N.
config NFS_V4
tristate "NFS client support for NFS version 4"
depends on NFS_FS
select SUNRPC_GSS
select KEYS
help
This option enables support for version 4 of the NFS protocol
(RFC 3530) in the kernel's NFS client.
To mount NFS servers using NFSv4, you also need to install user
space programs which can be found in the Linux nfs-utils package,
available from http://linux-nfs.org/.
If unsure, say Y.
config NFS_SWAP
bool "Provide swap over NFS support"
default n
depends on NFS_FS
select SUNRPC_SWAP
help
This option enables swapon to work on files located on NFS mounts.
config NFS_V4_1
bool "NFS client support for NFSv4.1"
depends on NFS_V4
select SUNRPC_BACKCHANNEL
help
This option enables support for minor version 1 of the NFSv4 protocol
(RFC 5661) in the kernel's NFS client.
If unsure, say N.
config NFS_V4_2
bool "NFS client support for NFSv4.2"
depends on NFS_V4_1
help
This option enables support for minor version 2 of the NFSv4 protocol
in the kernel's NFS client.
If unsure, say N.
config PNFS_FILE_LAYOUT
tristate
depends on NFS_V4_1
default NFS_V4
config PNFS_BLOCK
tristate
depends on NFS_V4_1 && BLK_DEV_DM
default NFS_V4
config PNFS_OBJLAYOUT
tristate
depends on NFS_V4_1 && SCSI_OSD_ULD
default NFS_V4
config PNFS_FLEXFILE_LAYOUT
tristate
depends on NFS_V4_1 && NFS_V3
default m
config NFS_V4_1_IMPLEMENTATION_ID_DOMAIN
string "NFSv4.1 Implementation ID Domain"
depends on NFS_V4_1
default "kernel.org"
help
This option defines the domain portion of the implementation ID that
may be sent in the NFS exchange_id operation. The value must be in
the format of a DNS domain name and should be set to the DNS domain
name of the distribution.
If the NFS client is unchanged from the upstream kernel, this
option should be set to the default "kernel.org".
config NFS_V4_1_MIGRATION
bool "NFSv4.1 client support for migration"
depends on NFS_V4_1
default n
help
This option makes the NFS client advertise to NFSv4.1 servers that
it can support NFSv4 migration.
The NFSv4.1 pieces of the Linux NFSv4 migration implementation are
still experimental. If you are not an NFSv4 developer, say N here.
config NFS_V4_SECURITY_LABEL
bool
depends on NFS_V4_2 && SECURITY
default y
config ROOT_NFS
bool "Root file system on NFS"
depends on NFS_FS=y && IP_PNP
help
If you want your system to mount its root file system via NFS,
choose Y here. This is common practice for managing systems
without local permanent storage. For details, read
<file:Documentation/filesystems/nfs/nfsroot.txt>.
Most people say N here.
config NFS_FSCACHE
bool "Provide NFS client caching support"
depends on NFS_FS=m && FSCACHE || NFS_FS=y && FSCACHE=y
help
Say Y here if you want NFS data to be cached locally on disc through
the general filesystem cache manager
config NFS_USE_LEGACY_DNS
bool "Use the legacy NFS DNS resolver"
depends on NFS_V4
help
The kernel now provides a method for translating a host name into an
IP address. Select Y here if you would rather use your own DNS
resolver script.
If unsure, say N
config NFS_USE_KERNEL_DNS
bool
depends on NFS_V4 && !NFS_USE_LEGACY_DNS
select DNS_RESOLVER
default y
config NFS_DEBUG
bool
depends on NFS_FS && SUNRPC_DEBUG
select CRC32
default y