more default uid/gid for NFS in mountd

From: Rick Macklem <rmacklem_at_uoguelph.ca>
Date: Mon, 8 May 2017 11:45:46 +0000
Hi,

Five years ago (yea, it slipped through a crack;-), Slawa reported that files
created by root would end up owned by uid 2**32-2 (-2 as uint32_t).
This happens if there is no "-maproot=<user>" in the /etc/exports line.

The cause is obvious. The value is set to -2 by default.

The question is... Should this be changed to 65534 (i.e. "nobody")?
- It would seem more consistent to make it the uid of nobody, but I can also see
  the argument that, since it has been like this *forever*, changing it would be
  a POLA violation.
What do others think?

It is also the case that mountd.c doesn't look "nobody" up in the password database
to set the default. It would be nice to do this, but it could result in the mountd daemon
getting "stuck" during a boot waiting for an unresponsive LDAP service or similar.
Does doing this sound like a good idea?

Thanks for any comments, rick
ps: Here's the original email thread, in case you are interested:
      https://lists.freebsd.org/pipermail/freebsd-stable/2012-March/066868.html
Received on Mon May 08 2017 - 09:45:50 UTC
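
Added example (not part of the original message and not code from mountd): a small audit that lists the /etc/exports entries with no root mapping, which are the ones where the message says root-created files end up owned by uid 2**32-2. The sample exports text is constructed; treating "-mapall=" as also covering root and skipping "V4:" lines are assumptions taken from exports(5), not from the message.

```python
# Default anonymous uid as described in the message: -2 stored as uint32_t.
DEFAULT_ANON_UID = (-2) & 0xFFFFFFFF  # 4294967294, not 65534 ("nobody")

# Constructed sample in FreeBSD exports(5) style (addresses are documentation ranges).
SAMPLE_EXPORTS = """\
# constructed sample
/usr/home -alldirs -maproot=root 192.0.2.10
/data/scratch -ro -network 192.0.2.0 \\
    -mask 255.255.255.0
/data/shared -mapall=nobody 192.0.2.20
V4: /data -sec=sys
/export/build 192.0.2.30
"""

def logical_lines(text):
    """Yield (first_lineno, line) with comments stripped and backslash
    continuations joined, so an option on a continued line is not missed."""
    buf, start = "", None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].rstrip()
        if start is None:
            start = n
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield start, buf.strip()
        buf, start = "", None
    if buf.strip():  # file ended in the middle of a continuation
        yield start, buf.strip()

def exports_without_root_mapping(text):
    """Return [(lineno, first_exported_path)] for entries that carry neither
    -maproot= nor -mapall=, i.e. where remote root gets the -2 default."""
    findings = []
    for lineno, line in logical_lines(text):
        fields = line.split()
        if fields[0].startswith("V4:"):  # NFSv4 root line, not an export entry
            continue
        if not any(f.startswith(("-maproot=", "-mapall=")) for f in fields):
            findings.append((lineno, fields[0]))
    return findings

if __name__ == "__main__":
    for lineno, path in exports_without_root_mapping(SAMPLE_EXPORTS):
        print(f"line {lineno}: {path}: remote root maps to uid {DEFAULT_ANON_UID}")
```

To check a real server, pass the contents of /etc/exports to exports_without_root_mapping() instead of the sample string.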
