Date: Mon, 19 Aug 2002 08:47:59 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Poul-Henning Kamp <phk@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern vfs_mount.c src/sys/sys mount.h src/sys/security/lomac kernel_util.c Message-ID: <Pine.NEB.3.96L.1020819084537.11578T-100000@fledge.watson.org> In-Reply-To: <200208190652.g7J6qLLK010002@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
You'll probably want to update the NFS client code to use this credential instead of the credential is caches in nfsmount. The NFS client uses this credential when it needs to create a fresh socket due to the old one no longer being useful (i.e., TCP socket disconnected). This corrected a similar nit in the NFS code where the credential of the user on hand when it needed to create a new socket, and the result was some fascinating interactions with ipfw uid/gid rules and MAC. Another possibly cred of great joy in this case (not the NFS case) would be thread0.td_ucred, btw. Not really quite right either, of course. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories On Sun, 18 Aug 2002, Poul-Henning Kamp wrote: > phk 2002/08/18 23:52:21 PDT > > Modified files: > sys/kern vfs_mount.c > sys/sys mount.h > sys/security/lomac kernel_util.c > Log: > Keep a copy of the credential used to mount filesystems around so > we can check and use it later on. > > Change the pieces of code which relied on mount->mnt_stat.f_owner > to check which user mounted the filesystem. > > This became needed as the EA code needs to be able to allocate > blocks for "system" EA users like ACLs. > > There seems to be some half-baked (probably only quarter- actually) > notion that the superuser for a given filesystem is the user who > mounted it, but this has far from been carried through. It is > unclear if it should be. > > Sponsored by: DARPA & NAI Labs. > > Revision Changes Path > 1.83 +7 -3 src/sys/kern/vfs_mount.c > 1.8 +1 -1 src/sys/security/lomac/kernel_util.c > 1.140 +1 -0 src/sys/sys/mount.h > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020819084537.11578T-100000>