On 05/08/2017 06:45, Rick Macklem wrote: > Hi, > > Five years ago (yea, it slipped through a crack;-), Slawa reported that files > created by root would end up owned by uid 2**32-2 (-2 as uint32_t). > This happens if there is no "-maproot=<user>" in the /etc/exports line. > > The cause is obvious. The value is set to -2 by default. > > The question is... Should this be changed to 65534 (ie "nobody")? > - It would seem more consistent to make it the uid of nobody, but I can also see > the argument that since it has been like this *forever*, that changing it would be > a POLA violation. > What do others think? Since the change is easily communicated in the release notes, I think it seems quite reasonable, especially if you limit it to 12.0. > It is also the case that mountd.c doesn't look "nobody" up in the password database > to set the default. It would be nice to do this, but it could result in the mountd daemon > getting "stuck" during a boot waiting for an unresponsive LDAP service or similar. > Does doing this sound like a good idea? I imagine the lookup could be useful in heterogeneous networks. You might consider adding a CLI flag to mountd to let the admin choose the user by UID/GID, and possibly by username/groupname. That would be a reasonable workaround for networks that often hit the lookup problem. EricReceived on Mon May 08 2017 - 11:43:06 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:11 UTC