More intuitive maproot/mapall documentation required
|Reported by:||gcooper||Owned by:||william|
The maproot/mapall GUI is helpful, but incomplete for new users. The problem is that some users are not seasoned administrators, and may not be aware of some of the caveats dealing with the more strict security model in FreeBSD, in particular..
-mapall=user or -mapall=user:group1:group2:... specifies a mapping for
all client UIDs (including root) using the same semantics as -maproot.
In the absence of -maproot and -mapall options, remote accesses by root
will result in using a credential of -2:-2. All other users will be
mapped to their remote credential. If a -maproot option is given, remote
access by root will be mapped to that credential instead of -2:-2. If a
-mapall option is given, all users (including root) will be mapped to
that credential in place of their own.
This should be made more intuitive, either through documentation, a tool tip, a (?) icon the user can click on, etc to determine what this actually means, instead of just setting the mode without fully understanding what it does.
Copy-pasting and paraphrasing the text from exports(5) into whatever delivery mechanism deemed appropriate should suffice, along with a helpful example of what happens when they do all permutations of -maproot and -mapuser (this should be reserved for the guide though).