Page MenuHomeFreeBSD
Differential D4172

Add -manage-gids option to the NFS server
ClosedPublic
Actions

Authored by rmacklem on Nov 15 2015, 10:24 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Apr 13, 10:15 PM
Unknown Object (File)
Mar 11 2024, 9:42 PM
Unknown Object (File)
Jan 16 2024, 6:55 PM
Unknown Object (File)
Jan 3 2024, 11:43 AM
Unknown Object (File)
Dec 24 2023, 3:06 PM
Unknown Object (File)
Dec 20 2023, 1:59 AM
Unknown Object (File)
Nov 27 2023, 5:30 AM
Unknown Object (File)
Nov 17 2023, 2:10 AM
View All 64 Files
Subscribers
None

Details

Reviewers
jpaetzel
Summary

Add an option to the NFS similar to the "--manage-gids" option for rpc.mountd in Linux.
This option is enabled via the "-manage-gids" command line option to the nfsuserd daemon.
When enabled, AUTH_SYS NFS requests use the set of groups for the user for the uid in the
request on the server instead of the list of groups in the RPC request header.

This is useful, since the list of groups in the RPC request header is limited to 16.
It does require that the server be configured with the same passwd and group
database as the NFS client(s) are using.

Test Plan

I have done limited testing and jpaetzel@ will be doing testing as well.
My limited testing consisted of creating a user in more than 16 groups and
trying to access a directory with mode 0770 that was owned by another user
and a group not in the first 16 for the user. It fails without "-manage-gids",
but access works when "-manage-gids" is enabled.

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

rmacklem updated this revision to Diff 10217.Nov 15 2015, 10:24 PM
rmacklem retitled this revision from to Add -manage-gids option to the NFS server.
rmacklem updated this object.
rmacklem edited the test plan for this revision. (Show Details)
rmacklem added a reviewer: jpaetzel.
rmacklem updated this revision to Diff 10218.Nov 15 2015, 10:28 PM

Here is the diff for nfsuserd. The previous one is the kernel.

rmacklem updated this revision to Diff 10219.Nov 15 2015, 10:30 PM

This patch is for the rc scripts. The previous one is the kernel changes.

jpaetzel accepted this revision.Jul 22 2016, 6:34 PM
jpaetzel edited edge metadata.

We've been using this in FreeNAS for a while, looks good.

This revision is now accepted and ready to land.Jul 22 2016, 6:34 PM
rmacklem closed this revision.Jan 4 2017, 1:01 AM

The commit has been done to head and MFC'd and no reports of problems w.r.t. have been received.

Revision Contents
Changeset List

PathSize
etc/
defaults/
rc.conf
rc.conf.orig
1 line
rc.d/
nfsd
nfsd.orig
7 lines
nfsuserd
nfsuserd.orig
9 lines

Diff 10219

View Options

etc/defaults/rc.conf

Loading...
View Options

etc/rc.d/nfsd

Loading...
View Options

etc/rc.d/nfsuserd

Loading...