From 7194d7d6320736c14f40d31c3738d40f3119ead5 Mon Sep 17 00:00:00 2001
From: Kevin Coffman <kwc@citi.umich.edu>
Date: Sat, 8 Jul 2006 10:01:40 +1000
Subject: [PATCH] Use uid/gid of -1 to indicate the export's anonuid/anongid
 should be used

Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the
value -1 and defaults the credential's fsuid/fsgid to the
correct anonuid/anongid values for the given export.  We should
be passing this value (-1) down when a name mapping cannot be found.
Thanks to J. Bruce Fields <bfields@fieldses.org> for the reference.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Acked-by: J. Bruce Fields <bfields@fieldses.org>
---
 utils/gssd/svcgssd_proc.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c
index bf40bc9..7981399 100644
--- a/utils/gssd/svcgssd_proc.c
+++ b/utils/gssd/svcgssd_proc.c
@@ -224,10 +224,13 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred)
 		 * -ENOENT means there was no mapping, any other error
 		 * value means there was an error trying to do the
 		 * mapping.
+		 * If there was no mapping, we send down the value -1
+		 * to indicate that the anonuid/anongid for the export
+		 * should be used.
 		 */
 		if (res == -ENOENT) {
-			cred->cr_uid = 65534;	/* XXX */
-			cred->cr_gid = 65534;	/* XXX */
+			cred->cr_uid = -1;
+			cred->cr_gid = -1;
 			cred->cr_ngroups = 0;
 			res = 0;
 			goto out_free;
-- 
2.39.2