* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
* Use is subject to license terms.
*
* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
* Use is subject to license terms.
*
- struct md_ucred *uc = mdt_ucred(info);
- struct mdt_device *mdt = info->mti_mdt;
-
- if (uc->mu_valid != UCRED_INIT) {
- uc->mu_suppgids[0] = uc->mu_suppgids[1] = -1;
- if (uc->mu_ginfo) {
- cfs_put_group_info(uc->mu_ginfo);
- uc->mu_ginfo = NULL;
- }
- if (uc->mu_identity) {
- mdt_identity_put(mdt->mdt_identity_cache,
- uc->mu_identity);
- uc->mu_identity = NULL;
- }
- uc->mu_valid = UCRED_INIT;
- }
+ struct lu_ucred *uc = mdt_ucred(info);
+ struct mdt_device *mdt = info->mti_mdt;
+
+ LASSERT(uc != NULL);
+ if (uc->uc_valid != UCRED_INIT) {
+ uc->uc_suppgids[0] = uc->uc_suppgids[1] = -1;
+ if (uc->uc_ginfo) {
+ cfs_put_group_info(uc->uc_ginfo);
+ uc->uc_ginfo = NULL;
+ }
+ if (uc->uc_identity) {
+ mdt_identity_put(mdt->mdt_identity_cache,
+ uc->uc_identity);
+ uc->uc_identity = NULL;
+ }
+ uc->uc_valid = UCRED_INIT;
+ }
}
/* root_squash for inter-MDS operations */
static int mdt_root_squash(struct mdt_thread_info *info, lnet_nid_t peernid)
{
}
/* root_squash for inter-MDS operations */
static int mdt_root_squash(struct mdt_thread_info *info, lnet_nid_t peernid)
{
if (match_nosquash_list(&info->mti_mdt->mdt_squash_sem,
&info->mti_mdt->mdt_nosquash_nids,
if (match_nosquash_list(&info->mti_mdt->mdt_squash_sem,
&info->mti_mdt->mdt_nosquash_nids,
- CDEBUG(D_OTHER, "squash req from %s, (%d:%d/%x)=>(%d:%d/%x)\n",
- libcfs_nid2str(peernid),
- ucred->mu_fsuid, ucred->mu_fsgid, ucred->mu_cap,
- info->mti_mdt->mdt_squash_uid, info->mti_mdt->mdt_squash_gid,
- 0);
+ CDEBUG(D_OTHER, "squash req from %s, (%d:%d/%x)=>(%d:%d/%x)\n",
+ libcfs_nid2str(peernid),
+ ucred->uc_fsuid, ucred->uc_fsgid, ucred->uc_cap,
+ info->mti_mdt->mdt_squash_uid, info->mti_mdt->mdt_squash_gid,
+ 0);
- ucred->mu_fsuid = info->mti_mdt->mdt_squash_uid;
- ucred->mu_fsgid = info->mti_mdt->mdt_squash_gid;
- ucred->mu_cap = 0;
- ucred->mu_suppgids[0] = -1;
- ucred->mu_suppgids[1] = -1;
+ ucred->uc_fsuid = info->mti_mdt->mdt_squash_uid;
+ ucred->uc_fsgid = info->mti_mdt->mdt_squash_gid;
+ ucred->uc_cap = 0;
+ ucred->uc_suppgids[0] = -1;
+ ucred->uc_suppgids[1] = -1;
struct ptlrpc_request *req = mdt_info_req(info);
struct mdt_device *mdt = info->mti_mdt;
struct ptlrpc_user_desc *pud = req->rq_user_desc;
struct ptlrpc_request *req = mdt_info_req(info);
struct mdt_device *mdt = info->mti_mdt;
struct ptlrpc_user_desc *pud = req->rq_user_desc;
LASSERT(req->rq_auth_gss);
LASSERT(!req->rq_auth_usr_mdt);
LASSERT(req->rq_user_desc);
LASSERT(req->rq_auth_gss);
LASSERT(!req->rq_auth_usr_mdt);
LASSERT(req->rq_user_desc);
- ucred->mu_o_uid = pud->pud_uid;
- ucred->mu_o_gid = pud->pud_gid;
- ucred->mu_o_fsuid = pud->pud_fsuid;
- ucred->mu_o_fsgid = pud->pud_fsgid;
+ ucred->uc_o_uid = pud->pud_uid;
+ ucred->uc_o_gid = pud->pud_gid;
+ ucred->uc_o_fsuid = pud->pud_fsuid;
+ ucred->uc_o_fsgid = pud->pud_fsgid;
- ucred->mu_identity = identity;
- perm = mdt_identity_get_perm(ucred->mu_identity,
- remote, peernid);
+ ucred->uc_identity = identity;
+ perm = mdt_identity_get_perm(ucred->uc_identity,
+ remote, peernid);
- CDEBUG(D_SEC, "mdt blocked setgid attempt (%u:%u/%u:%u -> %u) "
- "from %s\n", pud->pud_uid, pud->pud_gid,
- pud->pud_fsuid, pud->pud_fsgid,
- ucred->mu_identity->mi_gid, libcfs_nid2str(peernid));
- GOTO(out, rc = -EACCES);
+ CDEBUG(D_SEC, "mdt blocked setgid attempt (%u:%u/%u:%u -> %u) "
+ "from %s\n", pud->pud_uid, pud->pud_gid,
+ pud->pud_fsuid, pud->pud_fsgid,
+ ucred->uc_identity->mi_gid, libcfs_nid2str(peernid));
+ GOTO(out, rc = -EACCES);
- if (!remote && perm & CFS_SETGRP_PERM) {
- if (pud->pud_ngroups) {
- /* setgroups for local client */
- ucred->mu_ginfo = cfs_groups_alloc(pud->pud_ngroups);
- if (!ucred->mu_ginfo) {
- CERROR("failed to alloc %d groups\n",
- pud->pud_ngroups);
- GOTO(out, rc = -ENOMEM);
- }
+ if (!remote && perm & CFS_SETGRP_PERM) {
+ if (pud->pud_ngroups) {
+ /* setgroups for local client */
+ ucred->uc_ginfo = cfs_groups_alloc(pud->pud_ngroups);
+ if (!ucred->uc_ginfo) {
+ CERROR("failed to alloc %d groups\n",
+ pud->pud_ngroups);
+ GOTO(out, rc = -ENOMEM);
+ }
+
+ lustre_groups_from_list(ucred->uc_ginfo,
+ pud->pud_groups);
+ lustre_groups_sort(ucred->uc_ginfo);
+ } else {
+ ucred->uc_ginfo = NULL;
+ }
+ } else {
+ ucred->uc_suppgids[0] = -1;
+ ucred->uc_suppgids[1] = -1;
+ ucred->uc_ginfo = NULL;
+ }
- lustre_groups_from_list(ucred->mu_ginfo,
- pud->pud_groups);
- lustre_groups_sort(ucred->mu_ginfo);
- } else {
- ucred->mu_ginfo = NULL;
- }
- } else {
- ucred->mu_suppgids[0] = -1;
- ucred->mu_suppgids[1] = -1;
- ucred->mu_ginfo = NULL;
- }
+ ucred->uc_uid = pud->pud_uid;
+ ucred->uc_gid = pud->pud_gid;
+ ucred->uc_fsuid = pud->pud_fsuid;
+ ucred->uc_fsgid = pud->pud_fsgid;
- ucred->mu_uid = pud->pud_uid;
- ucred->mu_gid = pud->pud_gid;
- ucred->mu_fsuid = pud->pud_fsuid;
- ucred->mu_fsgid = pud->pud_fsgid;
+ /* process root_squash here. */
+ mdt_root_squash(info, peernid);
- /* process root_squash here. */
- mdt_root_squash(info, peernid);
+ /* remove fs privilege for non-root user. */
+ if (ucred->uc_fsuid)
+ ucred->uc_cap = pud->pud_cap & ~CFS_CAP_FS_MASK;
+ else
+ ucred->uc_cap = pud->pud_cap;
+ if (remote && !(perm & CFS_RMTOWN_PERM))
+ ucred->uc_cap &= ~(CFS_CAP_SYS_RESOURCE_MASK |
+ CFS_CAP_CHOWN_MASK);
+ ucred->uc_valid = UCRED_NEW;
- /* remove fs privilege for non-root user. */
- if (ucred->mu_fsuid)
- ucred->mu_cap = pud->pud_cap & ~CFS_CAP_FS_MASK;
- else
- ucred->mu_cap = pud->pud_cap;
- if (remote && !(perm & CFS_RMTOWN_PERM))
- ucred->mu_cap &= ~(CFS_CAP_SYS_RESOURCE_MASK |
- CFS_CAP_CHOWN_MASK);
- ucred->mu_valid = UCRED_NEW;
-
- EXIT;
- if (rc) {
- if (ucred->mu_ginfo) {
- cfs_put_group_info(ucred->mu_ginfo);
- ucred->mu_ginfo = NULL;
- }
- if (ucred->mu_identity) {
- mdt_identity_put(mdt->mdt_identity_cache,
- ucred->mu_identity);
- ucred->mu_identity = NULL;
- }
- }
+ if (rc) {
+ if (ucred->uc_ginfo) {
+ cfs_put_group_info(ucred->uc_ginfo);
+ ucred->uc_ginfo = NULL;
+ }
+ if (ucred->uc_identity) {
+ mdt_identity_put(mdt->mdt_identity_cache,
+ ucred->uc_identity);
+ ucred->uc_identity = NULL;
+ }
+ }
struct ptlrpc_request *req = mdt_info_req(info);
struct mdt_device *mdt = info->mti_mdt;
struct ptlrpc_user_desc *pud = req->rq_user_desc;
struct ptlrpc_request *req = mdt_info_req(info);
struct mdt_device *mdt = info->mti_mdt;
struct ptlrpc_user_desc *pud = req->rq_user_desc;
- struct md_ucred *uc = mdt_ucred(info);
- struct mdt_device *mdt = info->mti_mdt;
- struct md_identity *identity = NULL;
-
- ENTRY;
-
- uc->mu_valid = UCRED_INVALID;
- uc->mu_o_uid = uc->mu_uid = body->uid;
- uc->mu_o_gid = uc->mu_gid = body->gid;
- uc->mu_o_fsuid = uc->mu_fsuid = body->fsuid;
- uc->mu_o_fsgid = uc->mu_fsgid = body->fsgid;
- uc->mu_suppgids[0] = body->suppgid;
- uc->mu_suppgids[1] = -1;
- uc->mu_ginfo = NULL;
- if (!is_identity_get_disabled(mdt->mdt_identity_cache)) {
- identity = mdt_identity_get(mdt->mdt_identity_cache,
- uc->mu_fsuid);
- if (IS_ERR(identity)) {
- if (unlikely(PTR_ERR(identity) == -EREMCHG)) {
- identity = NULL;
- } else {
- CDEBUG(D_SEC, "Deny access without identity: "
- "uid %u\n", uc->mu_fsuid);
- RETURN(-EACCES);
- }
- }
- }
- uc->mu_identity = identity;
+ struct lu_ucred *uc = mdt_ucred(info);
+ struct mdt_device *mdt = info->mti_mdt;
+ struct md_identity *identity = NULL;
+
+ ENTRY;
+
+ LASSERT(uc != NULL);
+ uc->uc_valid = UCRED_INVALID;
+ uc->uc_o_uid = uc->uc_uid = body->uid;
+ uc->uc_o_gid = uc->uc_gid = body->gid;
+ uc->uc_o_fsuid = uc->uc_fsuid = body->fsuid;
+ uc->uc_o_fsgid = uc->uc_fsgid = body->fsgid;
+ uc->uc_suppgids[0] = body->suppgid;
+ uc->uc_suppgids[1] = -1;
+ uc->uc_ginfo = NULL;
+ if (!is_identity_get_disabled(mdt->mdt_identity_cache)) {
+ identity = mdt_identity_get(mdt->mdt_identity_cache,
+ uc->uc_fsuid);
+ if (IS_ERR(identity)) {
+ if (unlikely(PTR_ERR(identity) == -EREMCHG)) {
+ identity = NULL;
+ } else {
+ CDEBUG(D_SEC, "Deny access without identity: "
+ "uid %u\n", uc->uc_fsuid);
+ RETURN(-EACCES);
+ }
+ }
+ }
+ uc->uc_identity = identity;
- /* process root_squash here. */
- mdt_root_squash(info, mdt_info_req(info)->rq_peer.nid);
+ /* process root_squash here. */
+ mdt_root_squash(info, mdt_info_req(info)->rq_peer.nid);
- /* remove fs privilege for non-root user. */
- if (uc->mu_fsuid)
- uc->mu_cap = body->capability & ~CFS_CAP_FS_MASK;
- else
- uc->mu_cap = body->capability;
- uc->mu_valid = UCRED_OLD;
+ /* remove fs privilege for non-root user. */
+ if (uc->uc_fsuid)
+ uc->uc_cap = body->capability & ~CFS_CAP_FS_MASK;
+ else
+ uc->uc_cap = body->capability;
+ uc->uc_valid = UCRED_OLD;
- struct md_ucred *uc = mdt_ucred(info);
- struct mdt_device *mdt = info->mti_mdt;
- struct md_identity *identity = NULL;
-
- ENTRY;
-
- uc->mu_valid = UCRED_INVALID;
- uc->mu_o_uid = uc->mu_o_fsuid = uc->mu_uid = uc->mu_fsuid;
- uc->mu_o_gid = uc->mu_o_fsgid = uc->mu_gid = uc->mu_fsgid;
- uc->mu_ginfo = NULL;
- if (!is_identity_get_disabled(mdt->mdt_identity_cache)) {
- identity = mdt_identity_get(mdt->mdt_identity_cache,
- uc->mu_fsuid);
- if (IS_ERR(identity)) {
- if (unlikely(PTR_ERR(identity) == -EREMCHG)) {
- identity = NULL;
- } else {
- CDEBUG(D_SEC, "Deny access without identity: "
- "uid %u\n", uc->mu_fsuid);
- RETURN(-EACCES);
- }
- }
- }
- uc->mu_identity = identity;
+ struct lu_ucred *uc = mdt_ucred(info);
+ struct mdt_device *mdt = info->mti_mdt;
+ struct md_identity *identity = NULL;
+
+ ENTRY;
+
+ LASSERT(uc != NULL);
+ uc->uc_valid = UCRED_INVALID;
+ uc->uc_o_uid = uc->uc_o_fsuid = uc->uc_uid = uc->uc_fsuid;
+ uc->uc_o_gid = uc->uc_o_fsgid = uc->uc_gid = uc->uc_fsgid;
+ uc->uc_ginfo = NULL;
+ if (!is_identity_get_disabled(mdt->mdt_identity_cache)) {
+ identity = mdt_identity_get(mdt->mdt_identity_cache,
+ uc->uc_fsuid);
+ if (IS_ERR(identity)) {
+ if (unlikely(PTR_ERR(identity) == -EREMCHG)) {
+ identity = NULL;
+ } else {
+ CDEBUG(D_SEC, "Deny access without identity: "
+ "uid %u\n", uc->uc_fsuid);
+ RETURN(-EACCES);
+ }
+ }
+ }
+ uc->uc_identity = identity;
- /* process root_squash here. */
- mdt_root_squash(info, mdt_info_req(info)->rq_peer.nid);
+ /* process root_squash here. */
+ mdt_root_squash(info, mdt_info_req(info)->rq_peer.nid);
- /* remove fs privilege for non-root user. */
- if (uc->mu_fsuid)
- uc->mu_cap &= ~CFS_CAP_FS_MASK;
- uc->mu_valid = UCRED_OLD;
+ /* remove fs privilege for non-root user. */
+ if (uc->uc_fsuid)
+ uc->uc_cap &= ~CFS_CAP_FS_MASK;
+ uc->uc_valid = UCRED_OLD;
}
int mdt_init_ucred(struct mdt_thread_info *info, struct mdt_body *body)
{
struct ptlrpc_request *req = mdt_info_req(info);
}
int mdt_init_ucred(struct mdt_thread_info *info, struct mdt_body *body)
{
struct ptlrpc_request *req = mdt_info_req(info);
int mdt_init_ucred_reint(struct mdt_thread_info *info)
{
struct ptlrpc_request *req = mdt_info_req(info);
int mdt_init_ucred_reint(struct mdt_thread_info *info)
{
struct ptlrpc_request *req = mdt_info_req(info);
CDEBUG(D_INFO, "Shrink to md_size = %d cookie/acl_size = %d"
" MDSCAPA = %llx, OSSCAPA = %llx\n",
CDEBUG(D_INFO, "Shrink to md_size = %d cookie/acl_size = %d"
" MDSCAPA = %llx, OSSCAPA = %llx\n",
struct md_attr *ma = &info->mti_attr;
struct lu_attr *la = &ma->ma_attr;
struct req_capsule *pill = info->mti_pill;
struct md_attr *ma = &info->mti_attr;
struct lu_attr *la = &ma->ma_attr;
struct req_capsule *pill = info->mti_pill;
- uc->mu_fsuid = rec->sa_fsuid;
- uc->mu_fsgid = rec->sa_fsgid;
- uc->mu_cap = rec->sa_cap;
- uc->mu_suppgids[0] = rec->sa_suppgid;
- uc->mu_suppgids[1] = -1;
+ /* This prior initialization is needed for old_init_ucred_reint() */
+ uc->uc_fsuid = rec->sa_fsuid;
+ uc->uc_fsgid = rec->sa_fsgid;
+ uc->uc_cap = rec->sa_cap;
+ uc->uc_suppgids[0] = rec->sa_suppgid;
+ uc->uc_suppgids[1] = -1;
rr->rr_fid1 = &rec->sa_fid;
la->la_valid = mdt_attr_valid_xlate(attr_unpack(rec->sa_valid), rr, ma);
rr->rr_fid1 = &rec->sa_fid;
la->la_valid = mdt_attr_valid_xlate(attr_unpack(rec->sa_valid), rr, ma);
if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
mdt_set_capainfo(info, 0, rr->rr_fid1,
req_capsule_client_get(pill, &RMF_CAPA1));
if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
mdt_set_capainfo(info, 0, rr->rr_fid1,
req_capsule_client_get(pill, &RMF_CAPA1));
struct mdt_rec_create *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct mdt_reint_record *rr = &info->mti_rr;
struct mdt_rec_create *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct mdt_reint_record *rr = &info->mti_rr;
- uc->mu_fsuid = rec->cr_fsuid;
- uc->mu_fsgid = rec->cr_fsgid;
- uc->mu_cap = rec->cr_cap;
- uc->mu_suppgids[0] = rec->cr_suppgid1;
- uc->mu_suppgids[1] = -1;
- uc->mu_umask = rec->cr_umask;
+ /* This prior initialization is needed for old_init_ucred_reint() */
+ uc->uc_fsuid = rec->cr_fsuid;
+ uc->uc_fsgid = rec->cr_fsgid;
+ uc->uc_cap = rec->cr_cap;
+ uc->uc_suppgids[0] = rec->cr_suppgid1;
+ uc->uc_suppgids[1] = -1;
+ uc->uc_umask = rec->cr_umask;
attr->la_ctime = rec->cr_time;
attr->la_mtime = rec->cr_time;
attr->la_atime = rec->cr_time;
attr->la_ctime = rec->cr_time;
attr->la_mtime = rec->cr_time;
attr->la_atime = rec->cr_time;
memset(&sp->u, 0, sizeof(sp->u));
sp->sp_cr_flags = get_mrc_cr_flags(rec);
memset(&sp->u, 0, sizeof(sp->u));
sp->sp_cr_flags = get_mrc_cr_flags(rec);
struct mdt_rec_link *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct mdt_reint_record *rr = &info->mti_rr;
struct mdt_rec_link *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct mdt_reint_record *rr = &info->mti_rr;
- uc->mu_fsuid = rec->lk_fsuid;
- uc->mu_fsgid = rec->lk_fsgid;
- uc->mu_cap = rec->lk_cap;
- uc->mu_suppgids[0] = rec->lk_suppgid1;
- uc->mu_suppgids[1] = rec->lk_suppgid2;
+ /* This prior initialization is needed for old_init_ucred_reint() */
+ uc->uc_fsuid = rec->lk_fsuid;
+ uc->uc_fsgid = rec->lk_fsgid;
+ uc->uc_cap = rec->lk_cap;
+ uc->uc_suppgids[0] = rec->lk_suppgid1;
+ uc->uc_suppgids[1] = rec->lk_suppgid2;
struct mdt_rec_unlink *rec;
struct md_attr *ma = &info->mti_attr;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct mdt_rec_unlink *rec;
struct md_attr *ma = &info->mti_attr;
struct lu_attr *attr = &info->mti_attr.ma_attr;
- uc->mu_fsuid = rec->ul_fsuid;
- uc->mu_fsgid = rec->ul_fsgid;
- uc->mu_cap = rec->ul_cap;
- uc->mu_suppgids[0] = rec->ul_suppgid1;
- uc->mu_suppgids[1] = -1;
+ /* This prior initialization is needed for old_init_ucred_reint() */
+ uc->uc_fsuid = rec->ul_fsuid;
+ uc->uc_fsgid = rec->ul_fsgid;
+ uc->uc_cap = rec->ul_cap;
+ uc->uc_suppgids[0] = rec->ul_suppgid1;
+ uc->uc_suppgids[1] = -1;
struct mdt_rec_rename *rec;
struct md_attr *ma = &info->mti_attr;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct mdt_rec_rename *rec;
struct md_attr *ma = &info->mti_attr;
struct lu_attr *attr = &info->mti_attr.ma_attr;
- uc->mu_fsuid = rec->rn_fsuid;
- uc->mu_fsgid = rec->rn_fsgid;
- uc->mu_cap = rec->rn_cap;
- uc->mu_suppgids[0] = rec->rn_suppgid1;
- uc->mu_suppgids[1] = rec->rn_suppgid2;
+ /* This prior initialization is needed for old_init_ucred_reint() */
+ uc->uc_fsuid = rec->rn_fsuid;
+ uc->uc_fsgid = rec->rn_fsgid;
+ uc->uc_cap = rec->rn_cap;
+ uc->uc_suppgids[0] = rec->rn_suppgid1;
+ uc->uc_suppgids[1] = rec->rn_suppgid2;
struct mdt_rec_create *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct req_capsule *pill = info->mti_pill;
struct mdt_rec_create *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct req_capsule *pill = info->mti_pill;
- uc->mu_fsuid = rec->cr_fsuid;
- uc->mu_fsgid = rec->cr_fsgid;
- uc->mu_cap = rec->cr_cap;
- uc->mu_suppgids[0] = rec->cr_suppgid1;
- uc->mu_suppgids[1] = rec->cr_suppgid2;
- uc->mu_umask = rec->cr_umask;
+ /* This prior initialization is needed for old_init_ucred_reint() */
+ uc->uc_fsuid = rec->cr_fsuid;
+ uc->uc_fsgid = rec->cr_fsgid;
+ uc->uc_cap = rec->cr_cap;
+ uc->uc_suppgids[0] = rec->cr_suppgid1;
+ uc->uc_suppgids[1] = rec->cr_suppgid2;
+ uc->uc_umask = rec->cr_umask;
static int mdt_setxattr_unpack(struct mdt_thread_info *info)
{
struct mdt_reint_record *rr = &info->mti_rr;
static int mdt_setxattr_unpack(struct mdt_thread_info *info)
{
struct mdt_reint_record *rr = &info->mti_rr;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct req_capsule *pill = info->mti_pill;
struct mdt_rec_setxattr *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct req_capsule *pill = info->mti_pill;
struct mdt_rec_setxattr *rec;
- uc->mu_fsuid = rec->sx_fsuid;
- uc->mu_fsgid = rec->sx_fsgid;
- uc->mu_cap = rec->sx_cap;
- uc->mu_suppgids[0] = rec->sx_suppgid1;
- uc->mu_suppgids[1] = -1;
+ /* This prior initialization is needed for old_init_ucred_reint() */
+ uc->uc_fsuid = rec->sx_fsuid;
+ uc->uc_fsgid = rec->sx_fsgid;
+ uc->uc_cap = rec->sx_cap;
+ uc->uc_suppgids[0] = rec->sx_suppgid1;
+ uc->uc_suppgids[1] = -1;