Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!rpi!bu.edu!bu-it!rudi
From: rudi@bu-it.bu.edu (Kevin Ruderman)
Newsgroups: comp.unix.aix
Subject: AIX/370 1.2 NFS client root privs needed
Keywords: AIX/370, NFS
Message-ID: <64713@bu.edu.bu.edu>
Date: 20 Sep 90 22:38:54 GMT
Sender: news@bu.edu.bu.edu
Reply-To: rudi@bu-it.bu.edu (Kevin Ruderman)
Followup-To: comp.unix.aix
Organization: Information Technology, Boston University, Boston, MA, USA
Lines: 31

I need to export a file system and allow the NFS client to have root privs.

In _Managing the Operating System_ chapter 10 NFS page 31 it explicitly
says UID 0 clients get mapped to the AIX kernel variable "nobody" (-2).

NFS R4 (?) allows specifications of the form:
    /export/stuff	-root=machine1:machine2...
but this is not available in my version (1.2).

Questions:
 
1) Is there a way around this?  I do not want to change the
kernel variable "nobody" to 0.  This seems really dangerous?

2) How bad is it if I change "nobody" to 0?  I know the security risks 
involved in allowing root access.  I only want to do it for specific
machines, not all NFS client machines if I change "nobody".
Who else uses "nobody" and what do they use it for?

3) Where can I get info on changing kernel variables.  I have looked in
_Managing the OS_ and the Tech Ref vols 1 & 2 without any luck.
If I must change the variable can I do it with a patch file or must
I use a kernel debugger and just blast the location?  The symbol is
easy to find with "nm".

Thanks, Kevin

Kevin Ruderman
Systems Programmer
Information Technology
Boston University