commit d63790eec8de5c9bf85f3c6daa1e6e756f0515c4
from: Brian L. Stuart <devnull@localhost>
date: Sun Jul 20 08:50:09 2008 UTC

vnfs: add -i flag to allow remote root

commit - 94e1f2a4388f674331b2a2f988fb815133d2ab6b
commit + d63790eec8de5c9bf85f3c6daa1e6e756f0515c4
blob - 68bba03f64a207d9c9ff524302c4d9caa4030e56
blob + 3fc07e1f5fbc60d4eaa04c361726877044eaa116
--- man/man8/vbackup.8
+++ man/man8/vbackup.8
@@ -52,7 +52,7 @@ back up Unix file systems to Venti
 .PP
 .B vnfs
 [
-.B -ELLRVr
+.B -ELLRVir
 ]
 [
 .B -a
@@ -276,6 +276,12 @@ file system mentioned in the configuration.
 .TP
 .BI -c " cachesize
 Set the number of blocks stored by the in-memory venti cache.
+.TP
+.B -i
+Run in ``insecure'' mode, allowing remote root users to 
+use uid and gid 0 and read any file.
+(Normally, remote root is mapped to uid and gid \-1
+and has no special permissions.)
 .TP
 .B -r
 Respond to all requests with a Sun RPC rejection.
blob - b2cdd9cfe321c89541676289c8f4865c1f18173b
blob + c3fc780badc27cc1cba4417d25edd7a7db588a55
--- src/cmd/vbackup/nfs3srv.c
+++ src/cmd/vbackup/nfs3srv.c
@@ -10,6 +10,8 @@
 #include <nfs3.h>
 #include "nfs3srv.h"
 
+int			insecure = 0;
+
 static SunStatus
 authunixunpack(SunRpc *rpc, SunAuthUnix *au)
 {
@@ -23,10 +25,12 @@ authunixunpack(SunRpc *rpc, SunAuthUnix *au)
 	ep = p+ai->ndata;
 	if(sunauthunixunpack(p, ep, &p, au) < 0)
 		return SunGarbageArgs;
-	if(au->uid == 0)
-		au->uid = -1;
-	if(au->gid == 0)
-		au->gid = -1;
+	if(!insecure){
+		if(au->uid == 0)
+			au->uid = -1;
+		if(au->gid == 0)
+			au->gid = -1;
+	}
 
 	return SunSuccess;
 }
blob - 79d4464e27ebe939479dc5db2d5d2923a040b816
blob + f96be9850daa11f3d9ee376407eccbff9132adac
--- src/cmd/vbackup/nfs3srv.h
+++ src/cmd/vbackup/nfs3srv.h
@@ -9,6 +9,8 @@ Nfs3Status	fsreaddir(SunAuthUnix*, Nfs3Handle*, u32int
 extern void nfs3proc(void*);
 extern void mount3proc(void*);
 
+extern int insecure;
+
 enum
 {
 	MaxDataSize = 8192
blob - 90f45a042ecd3335c009b5a83371cf97e46e640c
blob + 563cb2707f57b439d0bbce2db38f830b3d2b7d73
--- src/cmd/vbackup/vnfs.c
+++ src/cmd/vbackup/vnfs.c
@@ -74,7 +74,7 @@ u64int	unittoull(char*);
 void
 usage(void)
 {
-	fprint(2, "usage: vnfs [-LLRVr] [-a addr] [-b blocksize] [-c cachesize] configfile\n");
+	fprint(2, "usage: vnfs [-LLRVir] [-a addr] [-b blocksize] [-c cachesize] configfile\n");
 	threadexitsall("usage");
 }
 
@@ -128,6 +128,9 @@ threadmain(int argc, char **argv)
 	case 'c':
 		cachesize = unittoull(EARGF(usage()));
 		break;
+	case 'i':
+		insecure = 1;
+		break;
 	case 'r':
 		srv->alwaysreject++;
 		break;