* NEW: afpd: static generated AFP signature stored in afp_signature.conf,
cf man 5 afp_signature.conf
* NEW: afpd: clustering support: new per volume option "cnidserver".
+* UPD: afpd: new volume options default: UNIX priveleges ("upriv") on
* FIX: afpd: prevent security attack guessing valid server accounts. afpd
now returns error -5023 for unknown users, as does AppleFileServer.
/*
- * $Id: volume.c,v 1.123 2010-04-04 15:04:45 franklahm Exp $
+ * $Id: volume.c,v 1.124 2010-04-06 12:00:27 franklahm Exp $
*
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* All Rights Reserved. See COPYRIGHT.
options[VOLOPT_PREEXEC].i_value = 1;
else if (strcasecmp(p, "root_preexec_close") == 0)
options[VOLOPT_ROOTPREEXEC].i_value = 1;
- else if (strcasecmp(p, "upriv") == 0)
- options[VOLOPT_FLAGS].i_value |= AFPVOL_UNIX_PRIV;
+ else if (strcasecmp(p, "noupriv") == 0)
+ options[VOLOPT_FLAGS].i_value &= ~AFPVOL_UNIX_PRIV;
else if (strcasecmp(p, "acls") == 0)
options[VOLOPT_FLAGS].i_value |= AFPVOL_ACLS;
else if (strcasecmp(p, "nodev") == 0)
/* Enable some default options for all volumes */
save_options[VOLOPT_FLAGS].i_value |= AFPVOL_CACHE;
+ save_options[VOLOPT_FLAGS].i_value |= AFPVOL_UNIX_PRIV;
save_options[VOLOPT_EA_VFS].i_value = AFPVOL_EA_AUTO;
while ( myfgets( buf, sizeof( buf ), fp ) != NULL ) {
.\" Title: AppleVolumes.default
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.74.3 <http://docbook.sf.net/>
-.\" Date: 31 Mar 2010
+.\" Date: 06 Apr 2010
.\" Manual: Netatalk 2.1
.\" Source: Netatalk 2.1
.\" Language: English
.\"
-.TH "APPLEVOLUMES\&.DEFAU" "5" "31 Mar 2010" "Netatalk 2.1" "Netatalk 2.1"
+.TH "APPLEVOLUMES\&.DEFAU" "5" "06 Apr 2010" "Netatalk 2.1" "Netatalk 2.1"
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.RE
.PP
It is possible to specify default options for all volumes with a
-\fI:DEFAULT: \fRline preceeding these volume definitions:.PP \fBExample.\ \&:DEFAULT: configuration line\fR .PP :DEFAULT: options:upriv,usedots dbpath:/var/dbd/AppleDB/$v dperm:0775 fperm:0664
+\fI:DEFAULT: \fRline preceeding these volume definitions:
+.PP
+\fBExample.\ \&:DEFAULT: configuration line\fR
+.PP
+:DEFAULT: options:usedots dbpath:/var/dbd/AppleDB/$v dperm:0775 fperm:0664
.PP
The possible options and their meanings are:
.PP
a non\-zero return code from root_preexec closes the volume immediately, preventing clients to mount/see the volume in question\&.
.RE
.PP
-upriv
+noupriv
.RS 4
-use AFP3 unix privileges\&. Become familiar with the new "unix privileges" AFP permissions concepts in MacOS X before using this option\&. See also:
+Don\'t use AFP3 unix privileges\&. See also:
\fBperm|fperm|dperm\fR\&.
.RE
.PP