diff options
Diffstat (limited to 'rpc/rpc-lib')
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc-auth.c | 17 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc-common.h | 2 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc.h | 6 |
3 files changed, 21 insertions, 4 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c index 4cb86a75839..0ede19f741b 100644 --- a/rpc/rpc-lib/src/rpcsvc-auth.c +++ b/rpc/rpc-lib/src/rpcsvc-auth.c @@ -230,6 +230,8 @@ int rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options) { int ret = -1; + uid_t anonuid = -1; + gid_t anongid = -1; GF_ASSERT (svc); GF_ASSERT (options); @@ -240,8 +242,21 @@ rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options) else svc->root_squash = _gf_false; + ret = dict_get_uint32 (options, "anonuid", &anonuid); + if (!ret) + svc->anonuid = anonuid; + else + svc->anonuid = RPC_NOBODY_UID; + + ret = dict_get_uint32 (options, "anongid", &anongid); + if (!ret) + svc->anongid = anongid; + else + svc->anongid = RPC_NOBODY_GID; + if (svc->root_squash) - gf_log (GF_RPCSVC, GF_LOG_DEBUG, "root squashing enabled "); + gf_log (GF_RPCSVC, GF_LOG_DEBUG, "root squashing enabled " + "(uid=%d, gid=%d)", svc->anonuid, svc->anongid); return 0; } diff --git a/rpc/rpc-lib/src/rpcsvc-common.h b/rpc/rpc-lib/src/rpcsvc-common.h index aed55e039e1..3c16abeb77a 100644 --- a/rpc/rpc-lib/src/rpcsvc-common.h +++ b/rpc/rpc-lib/src/rpcsvc-common.h @@ -55,6 +55,8 @@ typedef struct rpcsvc_state { gf_boolean_t allow_insecure; gf_boolean_t register_portmap; gf_boolean_t root_squash; + uid_t anonuid; + gid_t anongid; glusterfs_ctx_t *ctx; /* list of connections which will listen for incoming connections */ diff --git a/rpc/rpc-lib/src/rpcsvc.h b/rpc/rpc-lib/src/rpcsvc.h index cbc1f4226b8..28ec93e11a5 100644 --- a/rpc/rpc-lib/src/rpcsvc.h +++ b/rpc/rpc-lib/src/rpcsvc.h @@ -282,14 +282,14 @@ struct rpcsvc_request { int gidcount = 0; \ if (req->svc->root_squash) { \ if (req->uid == RPC_ROOT_UID) \ - req->uid = RPC_NOBODY_UID; \ + req->uid = req->svc->anonuid; \ if (req->gid == RPC_ROOT_GID) \ - req->gid = RPC_NOBODY_GID; \ + req->gid = req->svc->anongid; \ for (gidcount = 0; gidcount < req->auxgidcount; \ ++gidcount) { \ if (!req->auxgids[gidcount]) \ req->auxgids[gidcount] = \ - RPC_NOBODY_GID; \ + req->svc->anongid; \ } \ } \ } while (0); |