tvnfs: add -i flag to allow remote root - plan9port - [fork] Plan 9 from user space
(HTM) git clone git://src.adamsgaard.dk/plan9port
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit d63790eec8de5c9bf85f3c6daa1e6e756f0515c4
(DIR) parent 94e1f2a4388f674331b2a2f988fb815133d2ab6b
(HTM) Author: Brian L. Stuart <devnull@localhost>
Date: Sun, 20 Jul 2008 04:50:09 -0400
vnfs: add -i flag to allow remote root
Diffstat:
M man/man8/vbackup.8 | 8 +++++++-
M src/cmd/vbackup/nfs3srv.c | 12 ++++++++----
M src/cmd/vbackup/nfs3srv.h | 2 ++
M src/cmd/vbackup/vnfs.c | 5 ++++-
4 files changed, 21 insertions(+), 6 deletions(-)
---
(DIR) diff --git a/man/man8/vbackup.8 b/man/man8/vbackup.8
t@@ -52,7 +52,7 @@ back up Unix file systems to Venti
.PP
.B vnfs
[
-.B -ELLRVr
+.B -ELLRVir
]
[
.B -a
t@@ -277,6 +277,12 @@ file system mentioned in the configuration.
.BI -c " cachesize
Set the number of blocks stored by the in-memory venti cache.
.TP
+.B -i
+Run in ``insecure'' mode, allowing remote root users to
+use uid and gid 0 and read any file.
+(Normally, remote root is mapped to uid and gid \-1
+and has no special permissions.)
+.TP
.B -r
Respond to all requests with a Sun RPC rejection.
This is useful during debugging.
(DIR) diff --git a/src/cmd/vbackup/nfs3srv.c b/src/cmd/vbackup/nfs3srv.c
t@@ -10,6 +10,8 @@
#include <nfs3.h>
#include "nfs3srv.h"
+int insecure = 0;
+
static SunStatus
authunixunpack(SunRpc *rpc, SunAuthUnix *au)
{
t@@ -23,10 +25,12 @@ authunixunpack(SunRpc *rpc, SunAuthUnix *au)
ep = p+ai->ndata;
if(sunauthunixunpack(p, ep, &p, au) < 0)
return SunGarbageArgs;
- if(au->uid == 0)
- au->uid = -1;
- if(au->gid == 0)
- au->gid = -1;
+ if(!insecure){
+ if(au->uid == 0)
+ au->uid = -1;
+ if(au->gid == 0)
+ au->gid = -1;
+ }
return SunSuccess;
}
(DIR) diff --git a/src/cmd/vbackup/nfs3srv.h b/src/cmd/vbackup/nfs3srv.h
t@@ -9,6 +9,8 @@ Nfs3Status fsreaddir(SunAuthUnix*, Nfs3Handle*, u32int, u64int, uchar**, u32int*
extern void nfs3proc(void*);
extern void mount3proc(void*);
+extern int insecure;
+
enum
{
MaxDataSize = 8192
(DIR) diff --git a/src/cmd/vbackup/vnfs.c b/src/cmd/vbackup/vnfs.c
t@@ -74,7 +74,7 @@ u64int unittoull(char*);
void
usage(void)
{
- fprint(2, "usage: vnfs [-LLRVr] [-a addr] [-b blocksize] [-c cachesize] configfile\n");
+ fprint(2, "usage: vnfs [-LLRVir] [-a addr] [-b blocksize] [-c cachesize] configfile\n");
threadexitsall("usage");
}
t@@ -128,6 +128,9 @@ threadmain(int argc, char **argv)
case 'c':
cachesize = unittoull(EARGF(usage()));
break;
+ case 'i':
+ insecure = 1;
+ break;
case 'r':
srv->alwaysreject++;
break;