From owner-svn-src-head@freebsd.org  Mon Jun 26 13:11:23 2017
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 63E71D86942;
 Mon, 26 Jun 2017 13:11:23 +0000 (UTC)
 (envelope-from trasz@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 3515F789EC;
 Mon, 26 Jun 2017 13:11:23 +0000 (UTC)
 (envelope-from trasz@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v5QDBMWc013148;
 Mon, 26 Jun 2017 13:11:22 GMT (envelope-from trasz@FreeBSD.org)
Received: (from trasz@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id v5QDBMBb013146;
 Mon, 26 Jun 2017 13:11:22 GMT (envelope-from trasz@FreeBSD.org)
Message-Id: <201706261311.v5QDBMBb013146@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: trasz set sender to
 trasz@FreeBSD.org using -f
From: Edward Tomasz Napierala <trasz@FreeBSD.org>
Date: Mon, 26 Jun 2017 13:11:22 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r320359 - in head/sys/fs: nfs nfsserver
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Jun 2017 13:11:23 -0000

Author: trasz
Date: Mon Jun 26 13:11:21 2017
New Revision: 320359
URL: https://svnweb.freebsd.org/changeset/base/320359

Log:
  Add vfs.nfsd.nfsd_enable_uidtostring, which works just like
  vfs.nfsd.nfsd_enable_stringtouid, but in reverse - when set to 1,
  it forces the NFSv4 server to return numeric UIDs and GIDs instead
  of "user@domain" strings. This helps with clients that can't
  translate returned identifiers, eg when rerooting.
  
  The same can be achieved by just never running nfsuserd(8),
  but the sysctl is useful to toggle the behaviour back and forth
  without rebooting.
  
  Reviewed by:	rmacklem (earlier version)
  MFC after:	2 weeks
  Sponsored by:	DARPA, AFRL
  Differential Revision:	https://reviews.freebsd.org/D11326

Modified:
  head/sys/fs/nfs/nfs_commonsubs.c
  head/sys/fs/nfsserver/nfs_nfsdport.c

Modified: head/sys/fs/nfs/nfs_commonsubs.c
==============================================================================
--- head/sys/fs/nfs/nfs_commonsubs.c	Mon Jun 26 12:37:11 2017	(r320358)
+++ head/sys/fs/nfs/nfs_commonsubs.c	Mon Jun 26 13:11:21 2017	(r320359)
@@ -68,6 +68,7 @@ gid_t nfsrv_defaultgid = GID_NOGROUP;
 int nfsrv_lease = NFSRV_LEASE;
 int ncl_mbuf_mlen = MLEN;
 int nfsd_enable_stringtouid = 0;
+int nfsd_enable_uidtostring = 0;
 NFSNAMEIDMUTEX;
 NFSSOCKMUTEX;
 extern int nfsrv_lughashsize;
@@ -2561,7 +2562,7 @@ nfsv4_uidtostr(uid_t uid, u_char **cpp, int *retlenp, 
 
 	cnt = 0;
 tryagain:
-	if (nfsrv_dnsnamelen > 0) {
+	if (nfsrv_dnsnamelen > 0 && !nfsd_enable_uidtostring) {
 		/*
 		 * Always map nfsrv_defaultuid to "nobody".
 		 */
@@ -2671,7 +2672,7 @@ nfsrv_getgrpscred(struct ucred *oldcred)
 	cnt = 0;
 	uid = oldcred->cr_uid;
 tryagain:
-	if (nfsrv_dnsnamelen > 0) {
+	if (nfsrv_dnsnamelen > 0 && !nfsd_enable_uidtostring) {
 		hp = NFSUSERHASH(uid);
 		mtx_lock(&hp->mtx);
 		TAILQ_FOREACH(usrp, &hp->lughead, lug_numhash) {
@@ -2823,7 +2824,7 @@ nfsv4_gidtostr(gid_t gid, u_char **cpp, int *retlenp, 
 
 	cnt = 0;
 tryagain:
-	if (nfsrv_dnsnamelen > 0) {
+	if (nfsrv_dnsnamelen > 0 && !nfsd_enable_uidtostring) {
 		/*
 		 * Always map nfsrv_defaultgid to "nogroup".
 		 */

Modified: head/sys/fs/nfsserver/nfs_nfsdport.c
==============================================================================
--- head/sys/fs/nfsserver/nfs_nfsdport.c	Mon Jun 26 12:37:11 2017	(r320358)
+++ head/sys/fs/nfsserver/nfs_nfsdport.c	Mon Jun 26 13:11:21 2017	(r320359)
@@ -87,6 +87,7 @@ static int nfs_commit_miss;
 extern int nfsrv_issuedelegs;
 extern int nfsrv_dolocallocks;
 extern int nfsd_enable_stringtouid;
+extern int nfsd_enable_uidtostring;
 
 SYSCTL_NODE(_vfs, OID_AUTO, nfsd, CTLFLAG_RW, 0, "NFS server");
 SYSCTL_INT(_vfs_nfsd, OID_AUTO, mirrormnt, CTLFLAG_RW,
@@ -103,6 +104,8 @@ SYSCTL_INT(_vfs_nfsd, OID_AUTO, debuglevel, CTLFLAG_RW
     0, "Debug level for NFS server");
 SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_stringtouid, CTLFLAG_RW,
     &nfsd_enable_stringtouid, 0, "Enable nfsd to accept numeric owner_names");
+SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_uidtostring, CTLFLAG_RW,
+    &nfsd_enable_uidtostring, 0, "Make nfsd always send numeric owner_names");
 
 #define	MAX_REORDERED_RPC	16
 #define	NUM_HEURISTIC		1031