summaryrefslogtreecommitdiffstats
path: root/rpc
diff options
context:
space:
mode:
Diffstat (limited to 'rpc')
-rw-r--r--rpc/rpc-lib/src/rpcsvc-auth.c17
-rw-r--r--rpc/rpc-lib/src/rpcsvc-common.h2
-rw-r--r--rpc/rpc-lib/src/rpcsvc.h6
3 files changed, 21 insertions, 4 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c
index 4cb86a758..0ede19f74 100644
--- a/rpc/rpc-lib/src/rpcsvc-auth.c
+++ b/rpc/rpc-lib/src/rpcsvc-auth.c
@@ -230,6 +230,8 @@ int
rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options)
{
int ret = -1;
+ uid_t anonuid = -1;
+ gid_t anongid = -1;
GF_ASSERT (svc);
GF_ASSERT (options);
@@ -240,8 +242,21 @@ rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options)
else
svc->root_squash = _gf_false;
+ ret = dict_get_uint32 (options, "anonuid", &anonuid);
+ if (!ret)
+ svc->anonuid = anonuid;
+ else
+ svc->anonuid = RPC_NOBODY_UID;
+
+ ret = dict_get_uint32 (options, "anongid", &anongid);
+ if (!ret)
+ svc->anongid = anongid;
+ else
+ svc->anongid = RPC_NOBODY_GID;
+
if (svc->root_squash)
- gf_log (GF_RPCSVC, GF_LOG_DEBUG, "root squashing enabled ");
+ gf_log (GF_RPCSVC, GF_LOG_DEBUG, "root squashing enabled "
+ "(uid=%d, gid=%d)", svc->anonuid, svc->anongid);
return 0;
}
diff --git a/rpc/rpc-lib/src/rpcsvc-common.h b/rpc/rpc-lib/src/rpcsvc-common.h
index aed55e039..3c16abeb7 100644
--- a/rpc/rpc-lib/src/rpcsvc-common.h
+++ b/rpc/rpc-lib/src/rpcsvc-common.h
@@ -55,6 +55,8 @@ typedef struct rpcsvc_state {
gf_boolean_t allow_insecure;
gf_boolean_t register_portmap;
gf_boolean_t root_squash;
+ uid_t anonuid;
+ gid_t anongid;
glusterfs_ctx_t *ctx;
/* list of connections which will listen for incoming connections */
diff --git a/rpc/rpc-lib/src/rpcsvc.h b/rpc/rpc-lib/src/rpcsvc.h
index cbc1f4226..28ec93e11 100644
--- a/rpc/rpc-lib/src/rpcsvc.h
+++ b/rpc/rpc-lib/src/rpcsvc.h
@@ -282,14 +282,14 @@ struct rpcsvc_request {
int gidcount = 0; \
if (req->svc->root_squash) { \
if (req->uid == RPC_ROOT_UID) \
- req->uid = RPC_NOBODY_UID; \
+ req->uid = req->svc->anonuid; \
if (req->gid == RPC_ROOT_GID) \
- req->gid = RPC_NOBODY_GID; \
+ req->gid = req->svc->anongid; \
for (gidcount = 0; gidcount < req->auxgidcount; \
++gidcount) { \
if (!req->auxgids[gidcount]) \
req->auxgids[gidcount] = \
- RPC_NOBODY_GID; \
+ req->svc->anongid; \
} \
} \
} while (0);