summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--usr.sbin/nfsuserd/nfsuserd.c60
1 files changed, 51 insertions, 9 deletions
diff --git a/usr.sbin/nfsuserd/nfsuserd.c b/usr.sbin/nfsuserd/nfsuserd.c
index 35e2849..293da71 100644
--- a/usr.sbin/nfsuserd/nfsuserd.c
+++ b/usr.sbin/nfsuserd/nfsuserd.c
@@ -92,7 +92,7 @@ uid_t defaultuid = (uid_t)32767;
u_char *defaultgroup = "nogroup";
gid_t defaultgid = (gid_t)32767;
int verbose = 0, im_a_slave = 0, nfsuserdcnt = -1, forcestart = 0;
-int defusertimeout = DEFUSERTIMEOUT;
+int defusertimeout = DEFUSERTIMEOUT, manage_gids = 0;
pid_t slaves[MAXNFSUSERD];
int
@@ -110,6 +110,8 @@ main(int argc, char *argv[])
char hostname[MAXHOSTNAMELEN + 1], *cp;
struct addrinfo *aip, hints;
static uid_t check_dups[MAXUSERMAX];
+ gid_t grps[NGROUPS];
+ int ngroup;
if (modfind("nfscommon") < 0) {
/* Not present in kernel, try loading it */
@@ -160,6 +162,8 @@ main(int argc, char *argv[])
verbose = 1;
} else if (!strcmp(*argv, "-force")) {
forcestart = 1;
+ } else if (!strcmp(*argv, "-manage-gids")) {
+ manage_gids = 1;
} else if (!strcmp(*argv, "-usermax")) {
if (argc == 1)
usage();
@@ -297,12 +301,14 @@ main(int argc, char *argv[])
nid.nid_gid = defaultgid;
nid.nid_name = dnsname;
nid.nid_namelen = strlen(nid.nid_name);
+ nid.nid_ngroup = 0;
+ nid.nid_grps = NULL;
nid.nid_flag = NFSID_INITIALIZE;
#ifdef DEBUG
printf("Initialize uid=%d gid=%d dns=%s\n", nid.nid_uid, nid.nid_gid,
nid.nid_name);
#else
- error = nfssvc(NFSSVC_IDNAME, &nid);
+ error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
if (error)
errx(1, "Can't initialize nfs user/groups");
#endif
@@ -316,11 +322,13 @@ main(int argc, char *argv[])
nid.nid_gid = grp->gr_gid;
nid.nid_name = grp->gr_name;
nid.nid_namelen = strlen(grp->gr_name);
+ nid.nid_ngroup = 0;
+ nid.nid_grps = NULL;
nid.nid_flag = NFSID_ADDGID;
#ifdef DEBUG
printf("add gid=%d name=%s\n", nid.nid_gid, nid.nid_name);
#else
- error = nfssvc(NFSSVC_IDNAME, &nid);
+ error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
if (error)
errx(1, "Can't add group %s", grp->gr_name);
#endif
@@ -352,11 +360,23 @@ main(int argc, char *argv[])
nid.nid_uid = pwd->pw_uid;
nid.nid_name = pwd->pw_name;
nid.nid_namelen = strlen(pwd->pw_name);
+ if (manage_gids != 0) {
+ /* Get the group list for this user. */
+ ngroup = NGROUPS;
+ if (getgrouplist(pwd->pw_name, pwd->pw_gid, grps,
+ &ngroup) < 0)
+ syslog(LOG_ERR, "Group list too small");
+ nid.nid_ngroup = ngroup;
+ nid.nid_grps = grps;
+ } else {
+ nid.nid_ngroup = 0;
+ nid.nid_grps = NULL;
+ }
nid.nid_flag = NFSID_ADDUID;
#ifdef DEBUG
printf("add uid=%d name=%s\n", nid.nid_uid, nid.nid_name);
#else
- error = nfssvc(NFSSVC_IDNAME, &nid);
+ error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
if (error)
errx(1, "Can't add user %s", pwd->pw_name);
#endif
@@ -439,6 +459,8 @@ nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp)
struct info info;
struct nfsd_idargs nid;
u_int32_t saddr;
+ gid_t grps[NGROUPS];
+ int ngroup;
/*
* Only handle requests from 127.0.0.1 on a reserved port number.
@@ -472,14 +494,28 @@ nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp)
nid.nid_usertimeout = defusertimeout;
nid.nid_uid = pwd->pw_uid;
nid.nid_name = pwd->pw_name;
+ if (manage_gids != 0) {
+ /* Get the group list for this user. */
+ ngroup = NGROUPS;
+ if (getgrouplist(pwd->pw_name, pwd->pw_gid,
+ grps, &ngroup) < 0)
+ syslog(LOG_ERR, "Group list too small");
+ nid.nid_ngroup = ngroup;
+ nid.nid_grps = grps;
+ } else {
+ nid.nid_ngroup = 0;
+ nid.nid_grps = NULL;
+ }
} else {
nid.nid_usertimeout = 5;
nid.nid_uid = (uid_t)info.id;
nid.nid_name = defaultuser;
+ nid.nid_ngroup = 0;
+ nid.nid_grps = NULL;
}
nid.nid_namelen = strlen(nid.nid_name);
nid.nid_flag = NFSID_ADDUID;
- error = nfssvc(NFSSVC_IDNAME, &nid);
+ error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
if (error) {
info.retval = error;
syslog(LOG_ERR, "Can't add user %s\n", pwd->pw_name);
@@ -509,8 +545,10 @@ nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp)
nid.nid_name = defaultgroup;
}
nid.nid_namelen = strlen(nid.nid_name);
+ nid.nid_ngroup = 0;
+ nid.nid_grps = NULL;
nid.nid_flag = NFSID_ADDGID;
- error = nfssvc(NFSSVC_IDNAME, &nid);
+ error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
if (error) {
info.retval = error;
syslog(LOG_ERR, "Can't add group %s\n",
@@ -541,8 +579,10 @@ nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp)
nid.nid_name = info.name;
}
nid.nid_namelen = strlen(nid.nid_name);
+ nid.nid_ngroup = 0;
+ nid.nid_grps = NULL;
nid.nid_flag = NFSID_ADDUSERNAME;
- error = nfssvc(NFSSVC_IDNAME, &nid);
+ error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
if (error) {
info.retval = error;
syslog(LOG_ERR, "Can't add user %s\n", pwd->pw_name);
@@ -572,8 +612,10 @@ nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp)
nid.nid_name = info.name;
}
nid.nid_namelen = strlen(nid.nid_name);
+ nid.nid_ngroup = 0;
+ nid.nid_grps = NULL;
nid.nid_flag = NFSID_ADDGROUPNAME;
- error = nfssvc(NFSSVC_IDNAME, &nid);
+ error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
if (error) {
info.retval = error;
syslog(LOG_ERR, "Can't add group %s\n",
@@ -679,5 +721,5 @@ usage(void)
{
errx(1,
- "usage: nfsuserd [-usermax cache_size] [-usertimeout minutes] [-verbose] [-domain domain_name] [n]");
+ "usage: nfsuserd [-usermax cache_size] [-usertimeout minutes] [-verbose] [-manage-gids] [-domain domain_name] [n]");
}
OpenPOWER on IntegriCloud