Subject: kern/10845: Broken NFS permissions checking when -mapall=user is used.
To: None <gnats-bugs@gnats.netbsd.org>
From: None <scw@netbsd.org>
List: netbsd-bugs
Date: 08/16/2000 04:38:15
>Number: 10845
>Category: kern
>Synopsis: Broken NFS permissions checking when -mapall=user is used.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Aug 16 04:39:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Steve Woodford
>Release: NetBSD-1.5_ALPHA2
>Organization:
NetBSD
>Environment:
NetBSD NFS Server,
Solaris NFS Clients
System: NetBSD haggis 1.5_ALPHA2 NetBSD 1.5_ALPHA2 (HAGGIS) #0: Wed Aug 16 08:23:13 BST 2000 swoodfor@haggis:/u0/netbsd/src/sys/arch/i386/compile/HAGGIS i386
>Description:
When a NetBSD file-system is NFS exported with the -mapall=nobody (for example)
option in the /etc/exports file, you would expect that NFS clients would be
able to change certain attributes of files on that FS which are owned by
`nobody'.
Currently, when the NFS client issues a utimes(2) system call on a file
it just created on the NFS file-system, that system call returns EACCESS.
Presumably the server is not taking the -mapall=nobody into account when
evaluating permission for that operation.
It's likely this affects other operations, as a coworker just reported having
the same problem with chmod(1)...
>How-To-Repeat:
Make an entry in an NFS server's /etc/exports with the -mapall=nobody option.
Mount the filesystem on a client (in this case Solaris, but that may not
matter) and create a new file; it should be owned and writable by `nobody'.
Try to modify the access time of the file using `touch -c'.
>Fix:
No idea.
>Release-Note:
>Audit-Trail:
>Unformatted: