From owner-freebsd-hackers  Wed Aug 30 20:59:29 1995
Return-Path: hackers-owner
Received: (from majordom@localhost)
          by freefall.FreeBSD.org (8.6.11/8.6.6) id UAA20411
          for hackers-outgoing; Wed, 30 Aug 1995 20:59:29 -0700
Received: from bunyip.cc.uq.oz.au (bunyip.cc.uq.oz.au [130.102.2.1])
          by freefall.FreeBSD.org (8.6.11/8.6.6) with SMTP id UAA20400
          for <freebsd-hackers@freebsd.org>; Wed, 30 Aug 1995 20:59:23 -0700
Received: from cc.uq.oz.au by bunyip.cc.uq.oz.au 
          id <02573-0@bunyip.cc.uq.oz.au>; Thu, 31 Aug 1995 13:58:39 +1000
Received: from orion.devetir.qld.gov.au 
          by pandora.devetir.qld.gov.au (8.6.10/DEVETIR-E0.3a) with ESMTP 
          id OAA11043; Thu, 31 Aug 1995 14:03:04 +1000
Received: by orion.devetir.qld.gov.au (8.6.10/DEVETIR-0.3) id NAA15714;
          Thu, 31 Aug 1995 13:57:49 +1000
Date: Thu, 31 Aug 1995 13:57:49 +1000
From: Stephen McKay <syssgm@devetir.qld.gov.au>
Message-Id: <199508310357.NAA15714@orion.devetir.qld.gov.au>
To: Alexandre Moriya - esp <moriya@ifi.unicamp.br>
cc: freebsd-hackers@freebsd.org, syssgm@devetir.qld.gov.au
Subject: mountd -n hates 'nobody' (was: Re: Exporting a file system to a PC.)
Sender: hackers-owner@freebsd.org
Precedence: bulk

Alexandre Moriya - esp <moriya@ifi.unicamp.br> writes:
>> 
>> Robert Clark stands accused of saying:
>> > What happens, my PC can see the exported portion of the FreeBSD file system, 
>> > but I can't map a drive, I get an RPC failure,  'Client credential too 
>> > weak'.
>
>	When I am logged in as some user which is recognized
>	by the FreeBSD box that's ok (using net name * in the
>	DOS box), I am able to mount the exported directory !!!
>
>	But when I am not logged in (ie, nobody - uid:-2 , gid:-2)
>	I can not mount the export directory. I see an error
>	in the DOS box - an NFS error indicating an 1007 error code...

[I'm a long way behind on my -hackers mail.  I'm up to Aug 16!]

mountd is rejecting requests from uid -2 even with the -n switch.  This
behaviour started in FreeBSD 2.0, and seems totally bogus to me.  I've
removed this check (at home) with the enclosed patch, and my DOS PC can now
mount NFS exported partitions without extra authorisation.  I'm not sure
whether to bug report this, or try to start some sort of discussion.

So, hands up everyone (like me) who thinks it's a bug!

Stephen McKay.


diff -ru /cdrom/usr/src/sbin/mountd/mountd.c ./mountd.c
--- /cdrom/usr/src/sbin/mountd/mountd.c	Thu Jun  8 00:34:11 1995
+++ ./mountd.c	Thu Aug 31 13:43:23 1995
@@ -352,7 +352,7 @@
 			syslog(LOG_ERR, "Can't send reply");
 		return;
 	case RPCMNT_MOUNT:
-		if ((uid != 0 && root_only) || uid == -2) {
+		if (uid != 0 && root_only) {
 			svcerr_weakauth(transp);
 			return;
 		}
@@ -421,7 +421,7 @@
 			syslog(LOG_ERR, "Can't send reply");
 		return;
 	case RPCMNT_UMOUNT:
-		if ((uid != 0 && root_only) || uid == -2) {
+		if (uid != 0 && root_only) {
 			svcerr_weakauth(transp);
 			return;
 		}
@@ -437,7 +437,7 @@
 		del_mlist(inet_ntoa(transp->xp_raddr.sin_addr), dirpath);
 		return;
 	case RPCMNT_UMNTALL:
-		if ((uid != 0 && root_only) || uid == -2) {
+		if (uid != 0 && root_only) {
 			svcerr_weakauth(transp);
 			return;
 		}