Use uid/gid of -1 to indicate the export's anonuid/anongid should be used

Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the
value -1 and defaults the credential's fsuid/fsgid to the
correct anonuid/anongid values for the given export.  We should
be passing this value (-1) down when a name mapping cannot be found.
Thanks to J. Bruce Fields <bfields@fieldses.org> for the reference.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Acked-by: J. Bruce Fields <bfields@fieldses.org>

diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c
index bf40bc98bbb03004e8d91dee33264fdcf8f0f227..79813990c518c2dca579aaceded088e15ee08106 100644 (file)
--- a/utils/gssd/svcgssd_proc.c
+++ b/utils/gssd/svcgssd_proc.c
@@ -224,10 +224,13 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred)
                 * -ENOENT means there was no mapping, any other error
                 * value means there was an error trying to do the
                 * mapping.
+                * If there was no mapping, we send down the value -1
+                * to indicate that the anonuid/anongid for the export
+                * should be used.
                 */
                if (res == -ENOENT) {
-                       cred->cr_uid = 65534;   /* XXX */
-                       cred->cr_gid = 65534;   /* XXX */
+                       cred->cr_uid = -1;
+                       cred->cr_gid = -1;
                        cred->cr_ngroups = 0;
                        res = 0;
                        goto out_free;