On Mon, May 08, 2017 at 11:45:46AM +0000, Rick Macklem wrote:

> Hi,
> Five years ago (yea, it slipped through a crack;-), Slawa reported that files
> created by root would end up owned by uid 2**32-2 (-2 as uint32_t).
> This happens if there is no "-maproot=<user>" in the /etc/exports line.
> The cause is obvious. The value is set to -2 by default.
> The question is... Should this be changed to 65534 (ie "nobody")?
> - It would seem more consistent to make it the uid of nobody, but I can also 
> see
>   the argument that since it has been like this *forever*, that changing it 
> would be
>   a POLA violation.
> What do others think?

IMHO uid 2**32-2 is POLA violation.
Nobody expect this uid. Too much number. This is like bug.

> It is also the case that mountd.c doesn't look "nobody" up in the password 
> database
> to set the default. It would be nice to do this, but it could result in the 
> mountd daemon
> getting "stuck" during a boot waiting for an unresponsive LDAP service or 
> similar.
> Does doing this sound like a good idea?

This is (stuck at boot) already do for case of using NIS and nfsuserd.
I am regular see this for case of DNS failed at boot.
You offer don't impair current behaviour.


> Thanks for any comments, rick
> ps: Here's the original email thread, in case you are interested:
> https://lists.freebsd.org/pipermail/freebsd-stable/2012-March/066868.html
freebsd-current@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Reply via email to