Blame view
fs/nfsd/auth.c
1.94 KB
1da177e4c
|
1 2 3 4 5 6 7 8 9 10 11 |
/* * linux/fs/nfsd/auth.c * * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */ #include <linux/types.h> #include <linux/sched.h> #include <linux/sunrpc/svc.h> #include <linux/sunrpc/svcauth.h> #include <linux/nfsd/nfsd.h> |
c7d51402d
|
12 |
#include <linux/nfsd/export.h> |
1da177e4c
|
13 14 |
#define CAP_NFSD_MASK (CAP_FS_MASK|CAP_TO_MASK(CAP_SYS_RESOURCE)) |
c7d51402d
|
15 |
int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp) |
1269bc69b
|
16 17 18 19 20 21 22 23 24 25 26 |
{ struct exp_flavor_info *f; struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors; for (f = exp->ex_flavors; f < end; f++) { if (f->pseudoflavor == rqstp->rq_flavor) return f->flags; } return exp->ex_flags; } |
1da177e4c
|
27 28 |
int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) { |
54cceebb6
|
29 |
struct svc_cred cred = rqstp->rq_cred; |
1da177e4c
|
30 |
int i; |
1269bc69b
|
31 |
int flags = nfsexp_flags(rqstp, exp); |
1da177e4c
|
32 |
int ret; |
1269bc69b
|
33 |
if (flags & NFSEXP_ALLSQUASH) { |
54cceebb6
|
34 35 36 |
cred.cr_uid = exp->ex_anon_uid; cred.cr_gid = exp->ex_anon_gid; cred.cr_group_info = groups_alloc(0); |
1269bc69b
|
37 |
} else if (flags & NFSEXP_ROOTSQUASH) { |
1da177e4c
|
38 |
struct group_info *gi; |
54cceebb6
|
39 40 41 42 43 |
if (!cred.cr_uid) cred.cr_uid = exp->ex_anon_uid; if (!cred.cr_gid) cred.cr_gid = exp->ex_anon_gid; gi = groups_alloc(cred.cr_group_info->ngroups); |
1da177e4c
|
44 |
if (gi) |
54cceebb6
|
45 46 |
for (i = 0; i < cred.cr_group_info->ngroups; i++) { if (!GROUP_AT(cred.cr_group_info, i)) |
1da177e4c
|
47 48 |
GROUP_AT(gi, i) = exp->ex_anon_gid; else |
54cceebb6
|
49 |
GROUP_AT(gi, i) = GROUP_AT(cred.cr_group_info, i); |
1da177e4c
|
50 |
} |
54cceebb6
|
51 52 53 |
cred.cr_group_info = gi; } else get_group_info(cred.cr_group_info); |
1da177e4c
|
54 |
|
54cceebb6
|
55 56 |
if (cred.cr_uid != (uid_t) -1) current->fsuid = cred.cr_uid; |
1da177e4c
|
57 58 |
else current->fsuid = exp->ex_anon_uid; |
54cceebb6
|
59 60 |
if (cred.cr_gid != (gid_t) -1) current->fsgid = cred.cr_gid; |
1da177e4c
|
61 62 |
else current->fsgid = exp->ex_anon_gid; |
54cceebb6
|
63 |
if (!cred.cr_group_info) |
1da177e4c
|
64 |
return -ENOMEM; |
54cceebb6
|
65 66 67 |
ret = set_current_groups(cred.cr_group_info); put_group_info(cred.cr_group_info); if ((cred.cr_uid)) { |
1da177e4c
|
68 69 70 71 72 73 74 |
cap_t(current->cap_effective) &= ~CAP_NFSD_MASK; } else { cap_t(current->cap_effective) |= (CAP_NFSD_MASK & current->cap_permitted); } return ret; } |