Problem with GID mapping - RHEL 5.0
Ole Bjørn Hessen
obh at telenor.net
Tue Mar 11 10:13:23 EDT 2008
> So all this groups are definitely in /etc/groups, since it appears
> you not using NIS...
Yepp.
# egrep 'ntp|toffer' /etc/passwd /etc/group
egrep 'ntp|toffer' /etc/passwd /etc/group
/etc/passwd:ntp:x:38:38::/etc/ntp:/sbin/nologin
/etc/passwd:toffer:x:2560:2560:Testuser:/home/t/toffer:/bin/bash
/etc/group:ntp::38:
/etc/group:toffer::2560:
> Are there any type of idmapd failures or warning in
> /var/log/messages?
Nope.
dmesg says only (after umount + mount)
nfsd: last server has exited
nfsd: unexporting all filesystems
NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
NFSD: starting 90-second grace period
daemon.info logs in syslog:
Mar 11 15:02:04 batch-rrd1 rpc.idmapd[4824]: nfsdcb: authbuf=10.122.94.160/28 authtype=group
Mar 11 15:02:04 batch-rrd1 rpc.idmapd[4824]: Server: (group) id "2560" -> name "nfsnobody"
Mar 11 15:02:09 batch-rrd1 rpc.idmapd[4824]: nfsdcb: authbuf=10.122.94.160/28 authtype=user
Mar 11 15:02:09 batch-rrd1 rpc.idmapd[4824]: Server: (user) id "266" -> name "tiadm at nm1.telenor.net"
Mar 11 15:02:13 batch-rrd1 rpc.idmapd[4824]: nfsdcb: authbuf=10.122.94.160/28 authtype=group
Mar 11 15:02:13 batch-rrd1 rpc.idmapd[4824]: Server: (group) id "38" -> name "ntp at nm1.telenor.net"
Mar 11 15:05:45 batch-rrd1 mountd[26387]: Caught signal 15, un-registering and exiting.
> > By the way: The file NEWS in libnfsidmap-0.20 is from 2004 and says
> >
> > Doesn't work yet.
> Thanks for pointing this out...
Sure. So it _should_ work ? :-)
Ole Bjørn Hessen,
Telenor
Steve Dickson <SteveD at redhat.com> writes:
> Ole BjXrn Hessen wrote:
> > Hi,
> >
> > I'm trying to get NFSv4 working on two RHEL5.0 hosts. This is a simple
> > setup with no Kerberos. UID and GID is coordinated between the two
> > hosts and is managed centralized. The main purpose of using NFSv4 is to
> > make the access-list on routers "smaller" by only allowing TCP/2049
> > between the two hosts.
> >
> > The problem is that the UID seems to map to correct username, but GID
> > is mapped to nfsnobody for some groups with no apparent pattern.
> >
> > Serverhost is batch-rrd1 (exporting) and client is batch-rrd3 (importing).
> >
> > The idmapd.conf file is equal on the two hosts.
> >
> > egrep ^[A-Za-z] /etc/idmapd.conf
> > Verbosity = 0
> > Pipefs-Directory = /var/lib/nfs/rpc_pipefs
> > Domain = nm1.telenor.net
> > Nobody-User = nfsnobody
> > Nobody-Group = nfsnobody
> > Method = nsswitch
> >
> > The idtoname cache om the batch-rrd1 seems to map some GID to nfsnobody
> > but not all groups. The UID seems to be mapping ok.
> >
> > cat /proc/net/rpc/nfs4.idtoname/content
> > #domain type id [name]
> > 10.122.94.160/28 group 268 nfsnobody
> > 10.122.94.160/28 group 1442 nfsnobody
> > 10.122.94.160/28 group 3230 nfsnobody
> > 10.122.94.160/28 group 391 nfsnobody
> > 10.122.94.160/28 user 0 root at nm1.telenor.net
> > 10.122.94.160/28 group 0 root at nm1.telenor.net
> > 10.122.94.160/28 group 38 ntp at nm1.telenor.net
> > 10.122.94.160/28 user 266 tiadm at nm1.telenor.net
> > 10.122.94.160/28 group 266 nfsnobody
> > 10.122.94.160/28 user 174 obh at nm1.telenor.net
> > 10.122.94.160/28 group 174 nfsnobody
> > 10.122.94.160/28 group 77 pcap at nm1.telenor.net
> > 10.122.94.160/28 group 99 nobody at nm1.telenor.net
> > 10.122.94.160/28 group 1360 nfsnobody
> > 10.122.94.160/28 group 5166 nfsnobody
> >
> > Why does group 268,1442,3230,391,266,174,1360,5166 map to nfsnobody, but not group 0,38,77,99?
> > This seems to be consistend even if restarting nfs, portmap, rpcidmapd.
> So all this groups are definitely in /etc/groups, since it appears
> you not using NIS...
>
> Are there any type of idmapd failures or warning in /var/log/messages?
>
> >
> >
> > By the way: The file NEWS in libnfsidmap-0.20 is from 2004 and says
> >
> > Doesn't work yet.
> Thanks for pointing this out...
>
> steved.
More information about the NFSv4
mailing list