Bug 13108

Summary:

authunix_create_default includes egid twice

Product:

Base System

Reporter:

David Mazieres <dm>

Component:

bin

Assignee:

freebsd-bugs (Nobody) <bugs>

Status:

Closed FIXED

Severity:

Affects Only Me

CC:

brooks, delphij

Priority:

Normal

Version:

3.0-RELEASE

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
file.diff	none

Description David Mazieres 1999-08-12 16:00:00 UTC

authunix_create_default includes the effictive group ID in the
grouplist (as well as the gid field).  This is inconsistent with
almost all other operating systems, and also inconsistent with the
FreeBSD kernel.

For instance, in nfs_subs.c, the kernel avoids putting
cr->cr_groups[0] in the grouplist, because it has already placed
it in the gid field of the marshalled authunix structure.

   714                  for (i = 1; i <= grpsiz; i++)
   715                          *tl++ = txdr_unsigned(cr->cr_groups[i]);

Fix: The fix is to change authunix_create_default to compensate for the
fact that FreeBSD keeps the effective group ID in the first element
of a processes grouplist (unlike the operating systems for which the
code was originally written).  A simple patch is appended.

Alternatively, you could change the kernel to behave like
authunix_create_default.

The current behavior of having the kernel and libc generate
different authunix structures is quite annoying.  (In particular,
it makes it virtually impossible to "autoconf" RPC behavior in
supposedly portable software).

Comment 1 Johan Karlsson freebsd_committer

2002-10-28 21:29:08 UTC

State Changed
From-To: open->closed

The code in question was removed in rev 1.13 of  
src/lib/libc/rpc/auth_unix.c 

If there is a problem with the new code please 
open a new PR.

Comment 2 Johan Karlsson freebsd_committer

2002-10-29 11:43:08 UTC

Adding this to the audit-trail.

----- Forwarded message from David Mazieres <dm@scs.cs.nyu.edu> -----

From: David Mazieres <dm@scs.cs.nyu.edu>
To: johan@FreeBSD.org
Cc: freebsd-bugs@FreeBSD.org
Subject: Re: bin/13108: authunix_create_default includes egid twice
Date: Mon, 28 Oct 2002 17:21:44 -0500 (EST)

> Date: Mon, 28 Oct 2002 13:31:29 -0800 (PST)
> From: Johan Karlsson <johan@FreeBSD.org>
> 
> Synopsis: authunix_create_default includes egid twice
> 
> State-Changed-From-To: open->closed
> State-Changed-By: johan
> State-Changed-When: Mon Oct 28 13:29:08 PST 2002
> State-Changed-Why: 
> 	The code in question was removed in rev 1.13 of 
> 	src/lib/libc/rpc/auth_unix.c
> 
> 	If there is a problem with the new code please
> 	open a new PR.
> 
> http://www.freebsd.org/cgi/query-pr.cgi?pr=13108

The new code seems to have the same problem.  The new version of
authunix_create_default() is:

        if ((len = getgroups(NGRPS, gids)) < 0)
                abort();
        /* XXX: interface problem; those should all have been unsigned */
        return (authunix_create(machname, (int)uid, (int)gid, len,
            (int *)gids));

I think this code should be:

        if ((len = getgroups(NGRPS, gids)) < 1)
                abort();
        /* XXX: interface problem; those should all have been unsigned */
        return (authunix_create(machname, (int)uid, (int)gid, len-1,
            (int *)gids + 1));

Either that, or you should change nfsm_rpchead in
nfsclient/nfs_subs.C.

Currently, the fact that authunix_create_default and the kernel create
different AUTHUNIX credentials is a pain for SFS (a FreeBSD-compatible
network file system that I work on--see www.fs.net).  I realize that
my needs are somewhat esoteric.  I certainly don't expect you to put
in a change just because it is good for SFS.  However, just on simple
aesthetic grounds, doesn't it make sense for the kernel and libc to be
consistent with each other?  Can't FreeBSD just decide if the AUTHUNIX
parms should contain a second copy of the egid in the grouplist, and
then have both libc and the kernel do the same thing?

Of course, at this point, if you were to change the kernel, it would
make things even worse for me, because right now there is no way of
autoconfing FreeBSD's behavior.  I have hard-coded the current kernel
behavior into SFS if the OS name is FreeBSD.

Thanks,
David

----- End forwarded message -----

-- 
Johan Karlsson		mailto:johan@FreeBSD.org

Comment 3 Johan Karlsson freebsd_committer

2002-10-29 11:50:44 UTC

State Changed
From-To: closed->open

Apparently this is still a problem.

Comment 4 Eitan Adler freebsd_committer

2017-12-31 07:59:23 UTC

For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped

Comment 5 Xin LI freebsd_committer

2022-12-04 21:42:27 UTC

This appears to be fixed by r194494.