NFS4 and imapd - no mapping

ulixes · 2013-05-08 20:26:26

Hello,

I'm trying to connect two machines using NFSv4.

desktopA (Server): userA (uid=1000), userB (uid=1001)
desktopB (Client): userA (uid=1001), userB (uid=1000)

Please note the crossed UIDs.

On server i export:

/home/userA 192.168.178.1/24(rw,async,no_subtree_check,no_root_squash,nohide)

My server idmapd.conf:

[General]

Verbosity = 1
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = my.lan

[Mapping]

Nobody-User = nobody
Nobody-Group = nobody

[Translation]
Method = nsswitch,static

[Static]
userA@desktopB.my.lan = userB

and the client idmapd.conf (idmap and nfsd are running there):

[General]

Verbosity = 1
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = my.lan

[Mapping]

Nobody-User = nobody
Nobody-Group = nobody

[Translation]
Method = nsswitch,static

[Static]
userB@desktopA.my.lan = userA

On the client i mount with

root@desktopB> mount -t nfs4 desktopA:/home/userA /mnt/nfs

But i still get problems with the crossed UIDs:

root@desktopB> ls /mnt/nfs
... userB users ...

Can somebody help me? I don't want to change the UIDs on server and clients just to be equal.

teekay · 2013-05-11 18:49:21

I never tried this myself in practice, but from what I know about the matter maybe check following:

a) the [Static] section on the client should be pointless, as that's a server-side only feature, AFAIK.
b) try mounting with -o sec=krb5, as static mapping works only for GSS authenticated users, and the default is AUTH_SYS, again: AFAIK.

ulixes · 2013-05-13 20:18:41

Hi,

Thank you for your reply.

I removed the static part on both machines, and i added the fsid=0 option in /etc/exports.

[General]

Verbosity = 1
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = my.lan

[Mapping]

Nobody-User = nobody
Nobody-Group = nobody

/home/userA 192.168.178.1/24(rw,fsid=0,no_subtree_check,no_root_squash)

According to other posts, just running idmapd on server and client (which already is) with the default config (as above) should be sufficient. But the problem still resides. I've checked /var/log/messages.log, but there are no entries indicating any user mapping. According to this example log http://permalink.gmane.org/gmane.linux.nfs/44754 there should be at least some lines with 'nfs4_uid_to_name' in it. However i got only some entries with 'new client' and 'stale client'. It seems that the nfs or idmap daemon doesn't even try to do any user mappings. I also checked the hosts.allow file.

The sec=krb5 option implies the usage of kerebros which i don't use. I tried sec=sys but this also didn't help.

If the whole chain (rpcbind, nfsd, mountd, idmapd etc.) only could provide some more information. I've increased every verbosity i could but i'm still clueless what's going on. Or not.

Could anybody who's using NFSv4 with working idmap post his config?

TomHu · 2016-01-24 13:39:54

Necrobump.

I have the same problem, but do not get any error messages.

Strange thing is, idmapd won't start when I set Verbosity to any other than 0.

[General]
Domain = local

[Mapping]
Nobody-User = nobody
Nobody-Group = nobody 

[Translation]
Method = nsswitch

WorMzy · 2016-01-25 13:48:31

TomHu wrote:

Necrobump.

Please don't do that. Open a new topic and link back to this one if you feel it is still relevant.

Closing.

Arch Linux

#1 2013-05-08 20:26:26

NFS4 and imapd - no mapping

#2 2013-05-11 18:49:21

Re: NFS4 and imapd - no mapping

#3 2013-05-13 20:18:41

Re: NFS4 and imapd - no mapping

#4 2016-01-24 13:39:54

Re: NFS4 and imapd - no mapping

#5 2016-01-25 13:48:31

Re: NFS4 and imapd - no mapping

Board footer