diff options
| author | Kevin Coffman <kwc@citi.umich.edu> | 2006-07-08 10:01:40 +1000 |
|---|---|---|
| committer | Neil Brown <neilb@suse.de> | 2006-07-08 10:01:40 +1000 |
| commit | 7194d7d6320736c14f40d31c3738d40f3119ead5 (patch) | |
| tree | a16d756c6b834287ef24a6488fa1c1fee1075743 | |
| parent | b0604c623f7a98c6061dff19988722d3ae848bd7 (diff) | |
| download | nfs-utils-7194d7d6320736c14f40d31c3738d40f3119ead5.tar.gz nfs-utils-7194d7d6320736c14f40d31c3738d40f3119ead5.tar.xz nfs-utils-7194d7d6320736c14f40d31c3738d40f3119ead5.zip | |
Use uid/gid of -1 to indicate the export's anonuid/anongid should be used
Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the
value -1 and defaults the credential's fsuid/fsgid to the
correct anonuid/anongid values for the given export. We should
be passing this value (-1) down when a name mapping cannot be found.
Thanks to J. Bruce Fields <bfields@fieldses.org> for the reference.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Acked-by: J. Bruce Fields <bfields@fieldses.org>
| -rw-r--r-- | utils/gssd/svcgssd_proc.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c index bf40bc9..7981399 100644 --- a/utils/gssd/svcgssd_proc.c +++ b/utils/gssd/svcgssd_proc.c @@ -224,10 +224,13 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred) * -ENOENT means there was no mapping, any other error * value means there was an error trying to do the * mapping. + * If there was no mapping, we send down the value -1 + * to indicate that the anonuid/anongid for the export + * should be used. */ if (res == -ENOENT) { - cred->cr_uid = 65534; /* XXX */ - cred->cr_gid = 65534; /* XXX */ + cred->cr_uid = -1; + cred->cr_gid = -1; cred->cr_ngroups = 0; res = 0; goto out_free; |