Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!allegra!alice!dutoit!dmr
From: dmr@dutoit.UUCP
Newsgroups: net.unix-wizards
Subject: Re: Symbolic user names and RFS
Message-ID: <2090@dutoit.UUCP>
Date: Tue, 18-Feb-86 04:16:03 EST
Article-I.D.: dutoit.2090
Posted: Tue Feb 18 04:16:03 1986
Date-Received: Wed, 19-Feb-86 01:05:15 EST
Lines: 34

In a remote file server scheme, it is an annoying constraint that user ID numbers must be identical on the client's and the server's machine. A proper server should be able to run on machines not under one's administrative control.

The Eighth Edition file server handles this by reading map files that specify the translation between the user and group numbers on its own machine and on client machines. When a client requests access, the remote uid and gid are translated to the server's numbers; on the "stat" call the local numbers are translated back to what the client expects. If a client uid or gid cannot be mapped, the server gives "other" access, but it will not create a file with an anonymous uid or gid.

It is convenient to fiddle the mapping files to achieve special rules. For example, the mapping for root can be removed to prevent remote super-user access; or between mutually suspicious systems, a very small or empty map can be used to minimize access.

It is necessary to keep the mapping files current. We use a daemon that rebuilds them from the join of each server's and client's password file; it runs daily or when requested. Thus we expect that login names, as opposed to numbers, are the administratively controlled identifiers. But this is under control of the people who run the server. In theory, authorizing login names and handing out UID numbers is much the same, but in practice the former is easier. This is true especially when an existing machine joins a consortium; usually there will be few or no name conflicts, but if UIDs have not been controlled they will all need to be changed.

Dennis Ritchie
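The following is an added example, not code from the Eighth Edition file server or from the post's author. It models the two mechanisms the post describes: a daemon-style join of a server's and a client's password file on login name to produce the uid and gid maps (with root left out, as the post suggests), and the server-side translation that gives unmapped identities only "other" access and refuses to create a file for them. The password files, the simplified `login:uid:gid` format, the `UNMAPPED` placeholder returned by the reverse `stat` translation and the mode-bit check are all constructed for this example; the real server's file formats and its behaviour for unmapped server-side owners on `stat` are not stated in the post.

```python
# Added example: toy model of uid/gid mapping for a remote file server.
# Not the Eighth Edition code; formats and constants below are assumptions.

# Constructed sample password files in a simplified login:uid:gid form.
SERVER_PASSWD = """root:0:0
dmr:121:10
ken:122:10
guest:500:50
"""
CLIENT_PASSWD = """root:0:0
dmr:3001:200
bwk:3002:200
guest:500:50
"""

# Assumed placeholder the server hands back on "stat" when a local owner
# has no client-side equivalent (the post does not say what the real server does).
UNMAPPED = -1


def parse_passwd(text):
    """Return {login: (uid, gid)} from the simplified login:uid:gid file."""
    table = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        login, uid, gid = line.split(":")
        table[login] = (int(uid), int(gid))
    return table


def build_maps(server_passwd, client_passwd, exclude=("root",)):
    """Join the two password files on login name, as the post's daily daemon does.

    Returns (uid_map, gid_map) translating client numbers to server numbers.
    Logins in `exclude` get no entry, so a remote root is treated as unmapped.
    Mapping gids through the login join is a simplification for this example.
    """
    server = parse_passwd(server_passwd)
    client = parse_passwd(client_passwd)
    uid_map, gid_map = {}, {}
    for login, (cuid, cgid) in client.items():
        if login in exclude or login not in server:
            continue  # no name match (or deliberately removed): stays unmapped
        suid, sgid = server[login]
        uid_map[cuid] = suid
        gid_map[cgid] = sgid
    return uid_map, gid_map


class Mapper:
    """Forward translation on requests, reverse translation on stat results."""

    def __init__(self, uid_map, gid_map):
        self.uid_map, self.gid_map = dict(uid_map), dict(gid_map)
        self.uid_rev = {s: c for c, s in self.uid_map.items()}
        self.gid_rev = {s: c for c, s in self.gid_map.items()}

    def to_server(self, client_uid, client_gid):
        """Client numbers -> server numbers; None marks an unmapped id."""
        return self.uid_map.get(client_uid), self.gid_map.get(client_gid)

    def to_client(self, server_uid, server_gid):
        """Server numbers from stat -> what the client expects to see."""
        return (self.uid_rev.get(server_uid, UNMAPPED),
                self.gid_rev.get(server_gid, UNMAPPED))


def permitted(mode, owner_uid, owner_gid, client_uid, client_gid, mapper, want):
    """Check one of 'r', 'w', 'x' against a Unix mode using server-side ids.

    An unmapped uid or gid never matches owner or group, so it only ever
    receives the "other" bits, which is the rule the post describes.
    """
    suid, sgid = mapper.to_server(client_uid, client_gid)
    bit = {"r": 4, "w": 2, "x": 1}[want]
    if suid is not None and suid == owner_uid:
        shift = 6          # owner bits
    elif sgid is not None and sgid == owner_gid:
        shift = 3          # group bits
    else:
        shift = 0          # "other" bits: unmapped or unrelated identity
    return bool((mode >> shift) & bit)


def create_file(mapper, client_uid, client_gid):
    """Return the owner ids a new file would get, or refuse if either is unmapped."""
    suid, sgid = mapper.to_server(client_uid, client_gid)
    if suid is None or sgid is None:
        raise PermissionError("refusing to create a file with an anonymous uid or gid")
    return {"owner_uid": suid, "owner_gid": sgid}


if __name__ == "__main__":
    m = Mapper(*build_maps(SERVER_PASSWD, CLIENT_PASSWD))
    print("dmr maps to", m.to_server(3001, 200))      # (121, 10)
    print("remote root maps to", m.to_server(0, 0))   # (None, None)
    print("root may read 0640 file:", permitted(0o640, 121, 10, 0, 0, m, "r"))
```

Removing a login from `exclude` or adding one to it is the "fiddling" the post mentions: the server's owner decides which names, not which numbers, are trusted, and anyone not in the join is reduced to the "other" bits and barred from creating files.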