Hi all,

We have this code in principal2uid() where if a kerberos principal starts with nfs/, root/ or host/ we map it up-front to UID 0 and GID 0.

There can be a setup where explicit mapping of entries is done. Eg-

[realms]
EXAMPLE.COM = {
  kdc = 192.168.122.250
  admin_server = 192.168.122.250
        auth_to_local_names = {
            nfs/ldapuser101 = ldapuser101
            nfs/ldapuser102 = ldapuser102
        }
}

All nfs/user@REALM principals would get mapped to root user always and that is a problem. Any reason for having this code?

With kNFS the mapping works fine and such principals are not mapped to root.

Thanks and regards,
Trishali.