1 /* 2 * linux/fs/nfsd/auth.c 3 * 4 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> 5 */ 6 7 #include <linux/types.h> 8 #include <linux/sched.h> 9 #include <linux/sunrpc/svc.h> 10 #include <linux/sunrpc/svcauth.h> 11 #include <linux/nfsd/nfsd.h> 12 13 #define CAP_NFSD_MASK (CAP_FS_MASK|CAP_TO_MASK(CAP_SYS_RESOURCE)) 14 15 int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) 16 { 17 struct svc_cred cred = rqstp->rq_cred; 18 int i; 19 int ret; 20 21 if (exp->ex_flags & NFSEXP_ALLSQUASH) { 22 cred.cr_uid = exp->ex_anon_uid; 23 cred.cr_gid = exp->ex_anon_gid; 24 cred.cr_group_info = groups_alloc(0); 25 } else if (exp->ex_flags & NFSEXP_ROOTSQUASH) { 26 struct group_info *gi; 27 if (!cred.cr_uid) 28 cred.cr_uid = exp->ex_anon_uid; 29 if (!cred.cr_gid) 30 cred.cr_gid = exp->ex_anon_gid; 31 gi = groups_alloc(cred.cr_group_info->ngroups); 32 if (gi) 33 for (i = 0; i < cred.cr_group_info->ngroups; i++) { 34 if (!GROUP_AT(cred.cr_group_info, i)) 35 GROUP_AT(gi, i) = exp->ex_anon_gid; 36 else 37 GROUP_AT(gi, i) = GROUP_AT(cred.cr_group_info, i); 38 } 39 cred.cr_group_info = gi; 40 } else 41 get_group_info(cred.cr_group_info); 42 43 if (cred.cr_uid != (uid_t) -1) 44 current->fsuid = cred.cr_uid; 45 else 46 current->fsuid = exp->ex_anon_uid; 47 if (cred.cr_gid != (gid_t) -1) 48 current->fsgid = cred.cr_gid; 49 else 50 current->fsgid = exp->ex_anon_gid; 51 52 if (!cred.cr_group_info) 53 return -ENOMEM; 54 ret = set_current_groups(cred.cr_group_info); 55 put_group_info(cred.cr_group_info); 56 if ((cred.cr_uid)) { 57 cap_t(current->cap_effective) &= ~CAP_NFSD_MASK; 58 } else { 59 cap_t(current->cap_effective) |= (CAP_NFSD_MASK & 60 current->cap_permitted); 61 } 62 return ret; 63 } 64