Date: Sun, 14 May 2017 13:21:31 +0000 From: Rick Macklem <rmacklem@uoguelph.ca> To: Bruce Evans <brde@optusnet.com.au>, Rick Macklem <rmacklem@freebsd.org> Cc: "src-committers@freebsd.org" <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-head@freebsd.org" <svn-src-head@freebsd.org> Subject: Re: svn commit: r318262 - head/usr.sbin/mountd Message-ID: <YTXPR01MB0189FB922CCAEAA2BE4E5D8CDDE00@YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM> In-Reply-To: <20170514132052.M1020@besplex.bde.org> References: <201705140038.v4E0cfLN028319@repo.freebsd.org>, <20170514132052.M1020@besplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Oh, and if the commit doesn't get reverted, I do plan on committing a
change to the exports.5 man page. I just held off on that until the dust
settles.
I had expected more discussion on freebsd-current@ w.r.t. this, but after
several days of no messages, I went ahead with what the two responders
seemed to support.
rick
________________________________________
From: Bruce Evans <brde@optusnet.com.au>
Sent: Saturday, May 13, 2017 11:35:00 PM
To: Rick Macklem
Cc: src-committers@freebsd.org; svn-src-all@freebsd.org; svn-src-head@freeb=
sd.org
Subject: Re: svn commit: r318262 - head/usr.sbin/mountd
On Sun, 14 May 2017, Rick Macklem wrote:
> Log:
> Change the default uid/gid values for nobody/nogroup to 65534/65533.
>
> The default values found in /etc/passwd and /etc/group are 65534, 65533.
> In mountd.c, the defaults were -2, which was 65534 back when uid_t was 1=
6bits.
> Without this patch, a file created by root on an NFS exported volume wit=
hout
> the "-root=3D" export option will end up owned by uid 4**32 - 2.
> When discussed on freebsd-current@, it seemed that users preferred the
> values being changed to 65534/65533.
I got used to 4294967294. The large number makes it easy to see files
created by root on another system. I mostly use nfs without maproot, and
create such files often using tmp directories to transfer files.
> I have not added code to acquire these values from the databases, since
> the mountd daemon might get "stuck" during startup waiting for a non-res=
ponsive
> password database server.
>
> Discussed on: freebsd-current
>
> Modified:
> head/usr.sbin/mountd/mountd.c
exports(5) is not modified, so still documents -2:-2 but not the actual
value of 4294967294:4294967294. It seems dangerous to change the documente=
d
default.
What happens if the server only supports 16-bit (or 15-bit, or 8-bit) uids?
> Modified: head/usr.sbin/mountd/mountd.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- head/usr.sbin/mountd/mountd.c Sun May 14 00:23:27 2017 (r3=
18261)
> +++ head/usr.sbin/mountd/mountd.c Sun May 14 00:38:41 2017 (r3=
18262)
> @@ -230,9 +230,9 @@ static char **exnames;
> static char **hosts =3D NULL;
> static struct xucred def_anon =3D {
> XUCRED_VERSION,
> - (uid_t)-2,
> + (uid_t)65534,
> 1,
> - { (gid_t)-2 },
> + { (gid_t)65533 },
> NULL
> };
> static int force_v2 =3D 0;
The casts are now bogus. They might have been needed to avoid warnings
about possible sign extension bugs...
> @@ -2893,8 +2893,8 @@ parsecred(char *namelist, struct xucred
> /*
> * Set up the unprivileged user.
> */
> - cr->cr_uid =3D -2;
> - cr->cr_groups[0] =3D -2;
> + cr->cr_uid =3D 65534;
> + cr->cr_groups[0] =3D 65533;
> cr->cr_ngroups =3D 1;
> /*
> * Get the user's password table entry.
But there were no casts here, and the warnings should be the same.
Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YTXPR01MB0189FB922CCAEAA2BE4E5D8CDDE00>