From: Kevin Coffman Date: Sat, 8 Jul 2006 00:01:40 +0000 (+1000) Subject: Use uid/gid of -1 to indicate the export's anonuid/anongid should be used X-Git-Tag: nfs-utils-1-0-9~1 X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=commitdiff_plain;h=7194d7d6320736c14f40d31c3738d40f3119ead5 Use uid/gid of -1 to indicate the export's anonuid/anongid should be used Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the value -1 and defaults the credential's fsuid/fsgid to the correct anonuid/anongid values for the given export. We should be passing this value (-1) down when a name mapping cannot be found. Thanks to J. Bruce Fields for the reference. Signed-off-by: Kevin Coffman Acked-by: J. Bruce Fields --- diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c index bf40bc9..7981399 100644 --- a/utils/gssd/svcgssd_proc.c +++ b/utils/gssd/svcgssd_proc.c @@ -224,10 +224,13 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred) * -ENOENT means there was no mapping, any other error * value means there was an error trying to do the * mapping. + * If there was no mapping, we send down the value -1 + * to indicate that the anonuid/anongid for the export + * should be used. */ if (res == -ENOENT) { - cred->cr_uid = 65534; /* XXX */ - cred->cr_gid = 65534; /* XXX */ + cred->cr_uid = -1; + cred->cr_gid = -1; cred->cr_ngroups = 0; res = 0; goto out_free;