A little encouragement with Kerberos for NFS
J. Bruce Fields
bfields at fieldses.org
Mon Jul 17 15:29:30 EDT 2006
On Mon, Jul 17, 2006 at 12:14:53PM -0700, Andrew B. Young wrote:
> Dear Kevin,
>
> I was wondering about that: "net result is to default to uid/gid of
> -1." I believe this is the same as--
> nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
> because of the binary math.
Nope, that's (u16)(-2).
> I think the Sun documentation states that the default mapping is to the
> principle: "nfs" which in the Fedora distribution does not exist in
> /etc/passwd. So, forgive me, the -1 mapping is a hack that you had to
> implement. Yes?
It's a hack to tell the server that this user is anonymous. But -1
isn't what you'll actually end up seeing, because the server will map -1
to whatever anonymous user you specify in /etc/exports. (See the
anonuid option in "man exports".) By default that's 65534.
--b.
More information about the NFSv4
mailing list