On Fri, Dec 15, 2006 at 04:01:23PM +0100, Thiemo Nagel wrote:
> The nfs-kernel-server seems to silently ignore the map_daemon option. I
> don't know whether uid/gid mapping via ugidd is a feature of
> nfs-kernel-server or not, i.e. whether map_daemon should work at all,
> however silently ignoring the option has (maybe mild, feel free to
> adjust the proposed severity) security implications:
I'm not sure what the option is even supposed to do. The only reference I can
find to it is in a commented-out section of the exports man page; I believe
it's parsed for legacy reasons only.
Anyhow, NFSv4 does away with the uid stuff completely, so I'm not sure how
relevant this is. I could of course make a patch that just removes the
map_daemon handling, but I'm unsure whether it has any uses at all.
Also note
if (exp->m_export.e_maptype != CLE_MAP_IDENT) {
xlog(L_ERROR, "%s: unsupported mapping; kernel supports only
'identity' (default)",
exp->m_export.m_path);
errno = EINVAL;
return 0;
}
so it looks like it _should_ just give an error. Any ideas?
/* Steinar */
--
Homepage: http://www.sesse.net/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
