Les Mikesell
2013-Aug-26 22:01 UTC
[CentOS] nfs4, idmapd, users with same name, different uid?
Is idmapd supposed to work where users have different uid numbers on the nfsv4 server and client? It seems to show the right names for ownership on the client side, but if I automount a home directory, that user doesn't have permission to enter it, and if I change permission to allow access and create a new file, it shows on the server as owned by the uid number for the user on the client (and wrong on the server).

Everything works like it would on nfs v3 where the uid numbers are the same on the client and server, but what's the point of the rpcidmapd daemon if it doesn't actually map the ids?

--
Les Mikesell
lesmikesell at gmail.com
Barbara Krasovec
2013-Aug-28 07:37 UTC
[CentOS] nfs4, idmapd, users with same name, different uid?
On 8/27/13 12:01 AM, Les Mikesell wrote:
> Is idmapd supposed to work where users have different uid numbers on
> the nfsv4 server and client? It seems to show the right names for
> ownership on the client side, but if I automount a home directory,
> that user doesn't have permission to enter it, and if I change
> permission to allow access and create a new file, it shows on the
> server as owned by the uid number for the user on the client (and
> wrong on the server).
>
> Everything works like it would on nfs v3 where the uid numbers are
> the same on the client and server, but what's the point of the
> rpcidmapd daemon if it doesn't actually map the ids?
>

As far as I know, nfs4 doesn't care about UID/GID, but checks names, so it should work, no matter that you have different UIDs on server and client for same users.

Cheers,
Barbara
natxo asenjo
2013-Aug-28 09:29 UTC
[CentOS] nfs4, idmapd, users with same name, different uid?
On 08/27/2013 12:01 AM, Les Mikesell wrote:
> Is idmapd supposed to work where users have different uid numbers on
> the nfsv4 server and client? It seems to show the right names for
> ownership on the client side, but if I automount a home directory,
> that user doesn't have permission to enter it, and if I change
> permission to allow access and create a new file, it shows on the
> server as owned by the uid number for the user on the client (and
> wrong on the server).
>
> Everything works like it would on nfs v3 where the uid numbers are
> the same on the client and server, but what's the point of the
> rpcidmapd daemon if it doesn't actually map the ids?
>

For nfsv4 it is my understanding you need a central user store like ldap or nis (but don't use nis) or synchronize your password file to eternity.

I do not have a centos nfs server (or a linux one, for that matter, what I want from nfsv4 are mainly the extended acls and those are not there until somebody wakes up and merges the richacl patch into the mainstream kernel), only clients, but they work fine using nfsv4 to both netapp and zfs (omnios) filers. Both the clients and the filers are configured to look up users in ldap (ipa in our case).

I have no experience with idmapd in linux, but in solaris and netapp it gets ugly quite easily :-)

--
groet,
natxo
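
A check for the situation discussed in this thread, as an added example that is not part of the original posts: it compares passwd entries from the server and a client and reports each account whose uid differs, together with the server account that holds the client's uid number (the account that files created from the client would appear to belong to on the server, as in the first post). The sample passwd data and the function names are constructed for illustration.

```python
"""Compare client and server passwd data for name/uid mismatches (added example)."""

# Constructed sample data; in practice, paste `getent passwd` output from each host.
SERVER_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
les:x:500:500:Les:/home/les:/bin/bash
barbara:x:501:501::/home/barbara:/bin/bash
backup:x:502:502::/home/backup:/sbin/nologin
"""
CLIENT_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
les:x:502:502:Les:/home/les:/bin/bash
barbara:x:501:501::/home/barbara:/bin/bash
natxo:x:503:503::/home/natxo:/bin/bash
"""


def parse_passwd(text):
    """Return {name: uid} from passwd(5) text; skip comments and malformed lines."""
    users = {}
    for line in text.splitlines():
        line = line.strip()
        fields = line.split(":")
        if line.startswith("#") or len(fields) < 7 or not fields[2].isdigit():
            continue
        users[fields[0]] = int(fields[2])
    return users


def audit(server, client):
    """Return (kind, name, client_uid, server_uid, server_name_at_client_uid) tuples."""
    by_uid = {}
    for name, uid in server.items():
        by_uid.setdefault(uid, name)  # first name wins if the server reuses a uid
    findings = []
    for name, c_uid in sorted(client.items()):
        s_uid = server.get(name)
        if s_uid is None:
            findings.append(("missing-on-server", name, c_uid, None, by_uid.get(c_uid)))
        elif s_uid != c_uid:
            findings.append(("uid-mismatch", name, c_uid, s_uid, by_uid.get(c_uid)))
    return findings


if __name__ == "__main__":
    for kind, name, c_uid, s_uid, other in audit(parse_passwd(SERVER_PASSWD),
                                                 parse_passwd(CLIENT_PASSWD)):
        print(f"{kind}: {name} client_uid={c_uid} server_uid={s_uid} "
              f"server account at client uid: {other or 'none'}")
```

A `uid-mismatch` finding whose last field names a different server account is the case to fix first, since that uid number already belongs to someone else on the server.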