Re: [opensuse] NFS idmapping daemon, autofs problem

27 Jan 2009

      james Wright wrote:
...
Just curious if you have resolved this.  If not, try disabling NFSv4,
that may also do the trick.
- James W.
On Mon, Jan 19, 2009 at 11:22 PM, Jason Bailey, Sun Advocate Webmaster
 wrote:
...
james Wright wrote:
...
On 1/19/09, Jason Bailey, Sun Advocate Webmaster  wrote:
...
No, I'm not using NIS, and no, I don't have a user with ID 4294967294.
But I can SSH into the server (i.e. the box hosting the NFS
share/export) and verify that 4294967294 is not the owning UID or GID of
 ** any ** of the files on that share/export.
My user on the server and workstation share the same UID ... i.e. 1000.
The server shows ownership and permissions properly on the server's end
of the picture.
In fact, it appears that the permissions are being interpreted correctly
by the workstation, because files that are owned by UID 1000 can be
edited on the workstation, but files that UID 1000 does not have
permission to don't open. I think it's simply a labeling issue since
idmapd isn't running.
I've tried running the idmapd binary directly but it doesn't seem to do
anything. I know NFS has varied components and I figure I'm probably not
starting it correctly. Again, I usually just do '/etc/init.d/nfs start',
which starts idmapd... but I can't do that on opensuse 11.1.
And, in case you're wondering, I'm using sec=sys on the workstation
mount. Server = SLES 10 SP2, workstation = opensuse 11.1.
One quick question, that I assume you have done.  Have you
started/restarted /etc/init.d/autofs?
I have. I've also rebooted the workstation several times (for various
other reasons) and that hasn't helped. Is there another way to invoke
idmapd or trick the /etc/init.d/nfs script into loading it?
--
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org
Have I resolved this? Well, yes and no.

I don't want to disable NFSv4, because I use it to connect to my SLES
file server. It's very lightweight compared to CIFS (at least in my
experience), and unlike my samba setup, NFSv4 access permissions /
authentication isn't tied to my local Win2003 Active Directory domain
(only connections to samba are authenticated in that way), which is good
for my situation. The entire office here is full of Windows machines
except, well... me.

NFS works fine, except that without idmapd, I can't see who the actual
owning user/group is on files stored on the server. I've had to SSH into
the server a few times to get that info, which is a pain.

My workstation's NFS mount uses the sec=sys option, and I do have
matching gids and uids on the workstation (they match with my SLES 10
server).

I duplicated my NFS mount entries from my autofs file and placed them in
my fstab. The /etc/init.d/nfs script now starts and loads idmapd. But I
really don't like having mount info in two different places (i.e. fstab
and autofs). I can envision some sticky problems, especially if I change
options in one source and not the other.

With that said, I could not get idmapd to run on the workstation (i.e.
opensuse 11.1) without putting the NFS entry in fstab. I'd rather just
leave it to autofs, though, if I could - but I gotta have idmapd.
-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org