her@compel.UUCP (Helge Egelund Rasmussen) (10/24/90)
I've written a program to read and modify the password file on interactive unix V.3.2. It is using the getpwent/putpwent routines, and updates the shadow passwordfile too. However when porting this to a Data General (DGUX), we had some problems with a user called 'nobody' which had UID -2. When getpwent returns this user, the UID is returned as a number above 60000 (which is understandable if the UID is an unsigned short). As far as I could see in the docs the UID should be non negative, so I told the manager of the DG system, that the -2 entry in passwd was invalid and should be removed. He then told me that the -2 UID was needed by NFS, and showed me a page from an IBM AIX/RT manual which contained the following: To prevent unauthorized access to NFS servers, NFS does not allow a user on a client to exercise superuser privileges on files in a mounted file system. The root user ID on the client (0) is mapped to the kernel variable NOBODY (-2, or unsigned 65534) when performing file operations in a mounted file system. My question is this: Should UID -2 be in the password file, or is the statement about just a description of what is happening in the kernel? If UID -2 should be in the password file, then something is very wrong with the getpwent/putpwent routines! I hope somebody can help. Helge --- Helge E. Rasmussen . PHONE + 45 31 37 11 00 . E-mail: her@compel.dk Compel A/S . FAX + 45 31 37 06 44 . Copenhagen, Denmark
guy@auspex.auspex.com (Guy Harris) (10/31/90)
>He then told me that the -2 UID was needed by NFS, and showed me a page >from an IBM AIX/RT manual which contained the following: And demonstrates that he misread the page in question. In particular, he apparently ignored the ", or unsigned 65534" part of: > The root user ID on the client (0) is mapped to the kernel > variable NOBODY (-2, or unsigned 65534) when performing file > operations in a mounted file system. In SunOS 4.1, for instance, the password file entry for "nobody" has user ID 65534, as 4.1 is POSIX-compliant and UIDs must be non-negative in POSIX systems.