4:32 p.m.
We have ganesha configured to not do any userid lookups for v4, by doing
the following:
1. Using "-USE_NFSIDMAP=OFF" compile argument.
2. UseGetpwnam set to false and allow_numeric_owners to true in the nfsv4
configuration
This eliminated the user lookups for the most part, but we occasionally
noticed that when doing a chown to a uid that the client didn't know, that
was getting passed to ganesha as a uid and ganesha was then
interpreting this as a user name and trying to do a name to id lookup
via name2id method in /idmapper/idmapper.c which does a getpwam call that
is not checked for the configuration options like other similar calls. Is
this a bug that it is doing a getpwnam_r even though UseGetpwnam is set to
false? Additionally, why does ganesha ever need to lookup users by name?
I'm surprised that it would ever get user names from a client and wouldn't
need to do a name to id lookup. The chown is passing an id in this case. We
are using ganesha 2.5.5.
8:56 a.m.
So, UseGetpwnam appears to be intended to be a positive config, not a
negative config. That is, it says to use getpwnam() even when NFSIDMAP
is built in. Setting it to "false" doesn't stop getpwnam() calls, it
prefers idmap over getpwnam(), at least as currently coded.
The way it's set up now, we always do a name lookup of some kind, if the
ID is not of the form "name@domain". The sequence is to try to look up
the name (using getpwnam()), and if that fails, to try to treat it as a
numeric GID. Possibly that should be the other way around, but that's
the way it's currently coded.
Daniel
On 10/25/19 5:32 PM, Jerrad Bieno wrote:
We have ganesha configured to not do any userid lookups for v4, by
doing
the following:
1. Using "-USE_NFSIDMAP=OFF" compile argument.
2. UseGetpwnam set to false and allow_numeric_owners to true in the
nfsv4 configuration
This eliminated the user lookups for the most part, but we occasionally
noticed that when doing a chown to a uid that the client didn't know,
that was getting passed to ganesha as a uid and ganesha was then
interpreting this as a user name and trying to do a name to id lookup
via name2id method in /idmapper/idmapper.c which does a getpwam call
that is not checked for the configuration options like other similar
calls. Is this a bug that it is doing a getpwnam_r even
though UseGetpwnam is set to false? Additionally, why does ganesha ever
need to lookup users by name? I'm surprised that it would ever get user
names from a client and wouldn't need to do a name to id lookup. The
chown is passing an id in this case. We are using ganesha 2.5.5.
_______________________________________________
Devel mailing list -- devel(a)lists.nfs-ganesha.org
To unsubscribe send an email to devel-leave(a)lists.nfs-ganesha.org
1880
days inactive
1883
days old
1 comments
2 participants
participants (2)
-
Daniel Gryniewicz -
Jerrad Bieno