summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
authorHans Insulander <hin@cvs.openbsd.org>2001-10-03 18:54:30 +0000
committerHans Insulander <hin@cvs.openbsd.org>2001-10-03 18:54:30 +0000
commitb21050a2bfb7d1ac8403022bf3f001aaa2584467 (patch)
tree917405307f1c3d7cc9abbbdd9a910745e2342d85 /sbin
parent8b9cc395a4cf1af1ebabb50f2bc499d0cd05fe37 (diff)
Remove all traces of Kerberised NFS; it never worked in OpenBSD, but it
has been in the userland tools and the manpages for ages. Spotted by Lars Hansson <lars@unet.net.ph> Ok deraadt@ Ok millert@
Diffstat (limited to 'sbin')
-rw-r--r--sbin/mountd/exports.513
-rw-r--r--sbin/mountd/mountd.c31
2 files changed, 10 insertions, 34 deletions
diff --git a/sbin/mountd/exports.5 b/sbin/mountd/exports.5
index 6449049d369..9faac302ac7 100644
--- a/sbin/mountd/exports.5
+++ b/sbin/mountd/exports.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: exports.5,v 1.10 2000/04/15 02:15:15 aaron Exp $
+.\" $OpenBSD: exports.5,v 1.11 2001/10/03 18:54:29 hin Exp $
.\" $NetBSD: exports.5,v 1.9 1996/02/18 11:57:50 fvdl Exp $
.\"
.\" Copyright (c) 1989, 1991, 1993
@@ -150,12 +150,6 @@ all users (including root) will be mapped to that credential in
place of their own.
.Pp
The
-.Fl kerb
-option specifies that the Kerberos authentication server should be
-used to authenticate and map client credentials.
-This option requires that the kernel be built with the NFSKERB option.
-.Pp
-The
.Fl ro
option specifies that the filesystem should be exported read-only
(default read/write).
@@ -209,7 +203,7 @@ For example:
/usr -ro -mapall=nobody
/u -maproot=bin: -network 131.104.48 -mask 255.255.255.0
/u2 -maproot=root friends
-/u2 -alldirs -kerb -network cis-net -mask cis-mask
+/u2 -alldirs -network cis-net -mask cis-mask
.Ed
.Pp
Given that
@@ -260,8 +254,7 @@ associated with
it is exported to all hosts on network
.Dq cis-net
allowing mounts at any
-directory within /u2 and mapping all UIDs to credentials for the principal
-that is authenticated by a Kerberos ticket.
+directory within /u2.
.Sh FILES
.Bl -tag -width /etc/exports -compact
.It Pa /etc/exports
diff --git a/sbin/mountd/mountd.c b/sbin/mountd/mountd.c
index 6241f2fc1e7..a426003c7df 100644
--- a/sbin/mountd/mountd.c
+++ b/sbin/mountd/mountd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mountd.c,v 1.37 2001/06/14 21:57:44 mickey Exp $ */
+/* $OpenBSD: mountd.c,v 1.38 2001/10/03 18:54:29 hin Exp $ */
/* $NetBSD: mountd.c,v 1.31 1996/02/18 11:57:53 fvdl Exp $ */
/*
@@ -102,7 +102,6 @@ struct dirlist {
/* dp_flag bits */
#define DP_DEFSET 0x1
#define DP_HOSTSET 0x2
-#define DP_KERB 0x4
struct exportlist {
struct exportlist *ex_next;
@@ -211,7 +210,6 @@ int opt_flags;
/* Bits for above */
#define OP_MAPROOT 0x01
#define OP_MAPALL 0x02
-#define OP_KERB 0x04
#define OP_MASK 0x08
#define OP_NET 0x10
#define OP_ALLDIRS 0x40
@@ -551,10 +549,7 @@ xdr_fhs(xdrsp, cp)
return (0);
if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len))
return (0);
- if (fhrp->fhr_flag & DP_KERB)
- auth = RPCAUTH_KERB4;
- else
- auth = RPCAUTH_UNIX;
+ auth = RPCAUTH_UNIX;
len = 1;
if (!xdr_long(xdrsp, &len))
return (0);
@@ -1142,12 +1137,8 @@ hang_dirp(dp, grp, ep, flags)
ep->ex_defdir = dp;
if (grp == NULL) {
ep->ex_defdir->dp_flag |= DP_DEFSET;
- if (flags & OP_KERB)
- ep->ex_defdir->dp_flag |= DP_KERB;
} else while (grp) {
hp = get_ht();
- if (flags & OP_KERB)
- hp->ht_flag |= DP_KERB;
hp->ht_grp = grp;
hp->ht_next = ep->ex_defdir->dp_hosts;
ep->ex_defdir->dp_hosts = hp;
@@ -1204,8 +1195,6 @@ add_dlist(dpp, newdp, grp, flags)
*/
do {
hp = get_ht();
- if (flags & OP_KERB)
- hp->ht_flag |= DP_KERB;
hp->ht_grp = grp;
hp->ht_next = dp->dp_hosts;
dp->dp_hosts = hp;
@@ -1213,8 +1202,6 @@ add_dlist(dpp, newdp, grp, flags)
} while (grp);
} else {
dp->dp_flag |= DP_DEFSET;
- if (flags & OP_KERB)
- dp->dp_flag |= DP_KERB;
}
}
@@ -1380,11 +1367,9 @@ do_opt(cpp, endcpp, ep, grp, has_hostp, exflagsp, cr)
opt_flags |= OP_MAPALL;
} else
opt_flags |= OP_MAPROOT;
- } else if (!strcmp(cpopt, "kerb") || !strcmp(cpopt, "k")) {
- *exflagsp |= MNT_EXKERB;
- opt_flags |= OP_KERB;
- } else if (cpoptarg && (!strcmp(cpopt, "mask") ||
- !strcmp(cpopt, "m"))) {
+ } else
+ if (cpoptarg && (!strcmp(cpopt, "mask") ||
+ !strcmp(cpopt, "m"))) {
if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) {
syslog(LOG_ERR, "Bad mask: %s", cpoptarg);
return (1);
@@ -2065,10 +2050,8 @@ check_options(dp)
if (dp == NULL)
return (1);
- if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL) ||
- (opt_flags & (OP_MAPROOT | OP_KERB)) == (OP_MAPROOT | OP_KERB) ||
- (opt_flags & (OP_MAPALL | OP_KERB)) == (OP_MAPALL | OP_KERB)) {
- syslog(LOG_ERR, "-mapall, -maproot and -kerb mutually exclusive");
+ if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) {
+ syslog(LOG_ERR, "-mapall and -maproot mutually exclusive");
return (1);
}
if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) {