Date: Sun, 14 May 2017 00:38:41 +0000 (UTC) From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r318262 - head/usr.sbin/mountd Message-ID: <201705140038.v4E0cfLN028319@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rmacklem Date: Sun May 14 00:38:41 2017 New Revision: 318262 URL: https://svnweb.freebsd.org/changeset/base/318262 Log: Change the default uid/gid values for nobody/nogroup to 65534/65533. The default values found in /etc/passwd and /etc/group are 65534, 65533. In mountd.c, the defaults were -2, which was 65534 back when uid_t was 16bits. Without this patch, a file created by root on an NFS exported volume without the "-root=" export option will end up owned by uid 4**32 - 2. When discussed on freebsd-current@, it seemed that users preferred the values being changed to 65534/65533. I have not added code to acquire these values from the databases, since the mountd daemon might get "stuck" during startup waiting for a non-responsive password database server. Discussed on: freebsd-current Modified: head/usr.sbin/mountd/mountd.c Modified: head/usr.sbin/mountd/mountd.c ============================================================================== --- head/usr.sbin/mountd/mountd.c Sun May 14 00:23:27 2017 (r318261) +++ head/usr.sbin/mountd/mountd.c Sun May 14 00:38:41 2017 (r318262) @@ -230,9 +230,9 @@ static char **exnames; static char **hosts = NULL; static struct xucred def_anon = { XUCRED_VERSION, - (uid_t)-2, + (uid_t)65534, 1, - { (gid_t)-2 }, + { (gid_t)65533 }, NULL }; static int force_v2 = 0; @@ -2893,8 +2893,8 @@ parsecred(char *namelist, struct xucred /* * Set up the unprivileged user. */ - cr->cr_uid = -2; - cr->cr_groups[0] = -2; + cr->cr_uid = 65534; + cr->cr_groups[0] = 65533; cr->cr_ngroups = 1; /* * Get the user's password table entry.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201705140038.v4E0cfLN028319>