port-sun3: Re: Problems with 3/60 network boot

Subject: Re: Problems with 3/60 network boot
To: Ty Sarna <tsarna@endicor.com>
From: Chris G. Demetriou <cgd@alpha.bostic.com>
List: port-sun3
Date: 08/11/1994 00:41:06
[rick: you're cc'd on this, because your name is sitting at the top
of mountd.c, and you're the NFS czar, really...  8-]

> In article <199408110338.UAA11199@sun-lamp.cs.berkeley.edu> Adam Glass <glass@sun-lamp.cs.berkeley.edu> writes:
> > What machine are you mounting off  machine? what OS version?
> 
> NetBSD/amiga 1.0_BETA of about a week ago. (I think I mentioned that in
> the orgininal post, appologies if not).

try the following:

in /usr/src/*/mountd/mountd.c there are three lines like:
	if ((uid != 0 && root_only) || uid == -2) {

change them to:
	if (uid != 0 && root_only) {

That should fix the problem.

Alternately, change the:
        /* Get authorization */
        switch (rqstp->rq_cred.oa_flavor) {
        case AUTH_UNIX:
                ucr = (struct authunix_parms *)rqstp->rq_clntcred;
                uid = ucr->aup_uid;
                break;  
        case AUTH_NULL: 
        default:        
                break;  
        }
to set uid = 0 for the AUTH_NULL case.


I found this bug a week ago, testing an experimental IP stack
(don't ask 8-), and only today determined what the heart of the
problem was.

From what i understand (as conveyed by gwr) sun3's get the root
FH by doing a mountd request:
	(1) with AUTH_NULL
	(2) from a privileged port
They work fine with a sunos mountd, without -n.

That indicates that either:
	(1) either AUTH_NULL is setting the uid to zero
	(2) being from a privileged port determines whether
		or not '-n' is needed
	(3) some combination of the above.

Looking at the code in mountd.c, i can find no obvious
indication that the port the request is coming from is being
checked, and i always thought that the requetor's port was
what determined whether or not -n was needed.  (I must confess
to being totally clueless about how most SunRPC works, though,
so there's probably something i'm missing...)

In any case, the fact that our mountd doesn't behave similarly
to sunos (and svr4) mountd indicates to me that _something_ is
wrong.  It seems awfully strange to me that mount requests
with AUTH_NULL credentials _always_ fail...


could _somebody_ clarify how this works in the SunOS world?


chris

------------------------------------------------------------------------------