Mailinglist Archive: opensuse (3536 mails)

< Previous Next >
Re: [opensuse] NFS idmapping daemon, autofs problem
  • From: Manfred Hollstein <manfred@xxxxxxxxxxxxxxxxx>
  • Date: Wed, 28 Jan 2009 10:16:05 +0100
  • Message-id: <20090128091605.GA5608@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Hi Jason,

On Tue, 27 Jan 2009, 20:37:41 +0100, Jason Bailey, Sun Advocate Webmaster wrote:
[...]
Have I resolved this? Well, yes and no.

I don't want to disable NFSv4, because I use it to connect to my SLES
file server. It's very lightweight compared to CIFS (at least in my
experience), and unlike my samba setup, NFSv4 access permissions /
authentication isn't tied to my local Win2003 Active Directory domain
(only connections to samba are authenticated in that way), which is good
for my situation. The entire office here is full of Windows machines
except, well... me.

NFS works fine, except that without idmapd, I can't see who the actual
owning user/group is on files stored on the server. I've had to SSH into
the server a few times to get that info, which is a pain.

My workstation's NFS mount uses the sec=sys option, and I do have
matching gids and uids on the workstation (they match with my SLES 10
server).

I duplicated my NFS mount entries from my autofs file and placed them in
my fstab. The /etc/init.d/nfs script now starts and loads idmapd. But I
really don't like having mount info in two different places (i.e. fstab
and autofs). I can envision some sticky problems, especially if I change
options in one source and not the other.

With that said, I could not get idmapd to run on the workstation (i.e.
opensuse 11.1) without putting the NFS entry in fstab. I'd rather just
leave it to autofs, though, if I could - but I gotta have idmapd.

The root of your problem is that there is no separate start script
available which starts just idmapd, as you already found out. One
possible work-around would be to activate the nfsserver script which
will then also fire up idmapd; if you leave /etc/exports empty, you can
even hide the mountd port (2049) behind your firewall so that nobody
will see your server. But having a separate start script for idmapd
would be much better, perhaps you should create an enhancement request
in bugzilla.

HTH, cheers.

l8er
manfred
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >