[comp.unix.i386] ISC update -- NFS root/nobody FIX

marc@CLIK.QC.CA (Marc Boucher) (12/30/89)

In article <1989Dec27.171633.1656@ddsw1.MCS.COM> karl@mcs.MCS.COM (Karl Denninger) writes:
>
>With ISC 2.0.2, eh?
>
>How do you handle the fact that your root isn't root on the other
>filesystems?  That is, you can't read the files!
>
>The fix is to patch "nobody" in the kernel to 0 instead of -2.  That works.
>Thanks to the unnamed person (by his request) who provided the hint.
	Well, I prefered to completely disable remapping. Here's my program.
Save old version of /etc/conf/pack.d/nfs/Driver.o in case something bad
happens.

>Karl Denninger (karl@ddsw1.MCS.COM, <well-connected>!ddsw1!karl)

#! /bin/sh
# This is a shell archive, meaning:
# 1. Remove everything above the #! /bin/sh line.
# 2. Save the resulting text in a file.
# 3. Execute the file with /bin/sh (not csh) to create the files:
#	Makefile
#	patchnfs.c
# This archive created: Fri Dec 29 17:50:11 1989
export PATH; PATH=/bin:$PATH
if test -f 'Makefile'
then
	echo shar: will not over-write existing file "'Makefile'"
else
cat << \SHAR_EOF > 'Makefile'
# patchnfs ... Disable root remapping to "nobody"
#
#	for 386/ix NFS
#	see top of patchnfs.c for other details.
#
# "make doit" will copy the existing driver to /tmp/newDriver.o and patch
# the later. Then save the original and replace it with newDriver.o
# after, rebuild/reinstall the kernel with kconfig
#
all:	patchnfs

patchnfs: patchnfs.o
	cc -s -o $@ $@.o

doit:	patchnfs
	cp /etc/conf/pack.d/nfs/Driver.o /tmp/newDriver.o
	./patchnfs /tmp/newDriver.o
	@echo "Your new driver is /tmp/newDriver.o"
SHAR_EOF
chmod +x 'Makefile'
fi # end of overwriting check
if test -f 'patchnfs.c'
then
	echo shar: will not over-write existing file "'patchnfs.c'"
else
cat << \SHAR_EOF > 'patchnfs.c'
/*

program to patch 386/ix NFS 2.0 driver to disable remapping of root to
nobody. changes 7300: 75 to 7300: eb , that is a jne to a jmp.

Marc Boucher, <marc@clik.qc.ca> 12/29/89

disassembly from Driver.o:

	72f6:  89 45 b8               movl   %eax,0xb8(%ebp)
	72f9:  8b 45 ec               movl   0xec(%ebp),%eax
	72fc:  83 78 08 00            cmpl   $0x0,0x8(%eax) ; check if root
	7300:  75 0e                  jne    0xe <7310>     ; change this to jmp
	7302:  8b 45 b8               movl   0xb8(%ebp),%eax
	7305:  66 8b 15 48 1c 40 00   movw   0x401c48,%dx ; this is where the 
							    root id is replaced
							    with "nobody"
	730c:  eb 0c                  jmp    0xc <731a>
	730e:  90                     nop    
	730f:  90                     nop    
	7310:  8b 45 b8               movl   0xb8(%ebp),%eax
	7313:  8b 55 ec               movl   0xec(%ebp),%edx
	7316:  66 8b 52 08            movw   0x8(%edx),%dx
	731a:  66 89 50 02            movw   %dx,0x2(%eax)

	Checksums:

$ sum /etc/conf/pack.d/nfs/Driver.o  # before patch
35599 199 /etc/conf/pack.d/nfs/Driver.o

$ sum /etc/conf/pack.d/nfs/Driver.o  # after patch
35717 199 /etc/conf/pack.d/nfs/Driver.o

*/

#include <stdio.h>
#include <unistd.h>

#define OFFSET	0x7300
#define OLDBYTE	0x75
#define NEWBYTE 0xeb

main(argc, argv)
	int             argc;
	char          **argv;
{
	FILE           *in;
	int             ch;

	if (argc != 2) {
		fprintf(stderr, "Usage: %s <copyofDriver.o>\n", argv[0]);
		exit(-1);
	}
	in = fopen(argv[1], "r+");
	if (!in) {
		fprintf(stderr, "%s: Can't open %s\n", argv[0], argv[1]);
		exit(-1);
	}
	fseek(in, OFFSET, SEEK_SET);
	ch = getc(in);
	switch (ch) {
	case OLDBYTE:
		fseek(in, OFFSET, SEEK_SET);
		putc(NEWBYTE, in);
		printf("Changed 0x%x to 0x%x at offset 0x%x in %s\n", OLDBYTE, NEWBYTE, OFFSET, argv[1]);
		break;
	case NEWBYTE:
		fprintf(stderr, "%s: Driver already patched!\n", argv[0]);
		break;
	default:
		fprintf(stderr, "%s: Wrong file. Must be a copy of:\n\n /etc/conf/pack.d/nfs/Driver.o, \"@(#) nf:Driver.o  386/ix Version 2.0\"\n", argv[0]);
		break;
	}
	fclose(in);
}
SHAR_EOF
chmod +x 'patchnfs.c'
fi # end of overwriting check
#	End of shell archive
exit 0

-- 
Marc Boucher, sys/netadm @ CLIK Telematique Inc - marc@clik.qc.ca
5144668932_home 5149337161_clik 5149332164_fax  - Postmaster@clik.qc.ca