NFS4 home mounts owned by nfsnobody

John Austin ja at jaa.org.uk
Thu Jun 25 09:34:21 UTC 2009 

On Thu, 2009-06-25 at 01:15 -0400, Braden McDaniel wrote:
> On Wed, 2009-06-24 at 20:53 +0100, John Austin wrote: 
> > On Wed, 2009-06-24 at 14:15 -0400, Braden McDaniel wrote:
> 
> [snip]
> 
> > > I have a similar error message:
> > > 
> > >         Jun 24 13:49:57 bolt rpc.idmapd[2481]: nss_getpwnam: name 'braden at hinge.endoframe.net' does not map into domain 'endoframe.net'
> > > 
> > > hinge is my NIS server machine (as well as the NFS server); this error
> > > message occurs on the client.  Adding an entry for hinge to /etc/hosts
> > > does not appear to have changed this.
> > > 
> > >         # cat /etc/hosts
> > >         127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 bolt bolt.endoframe.net
> > >         ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
> > >         192.168.1.21 hinge hinge.endoframe.net
> > > 
> > 
> > 
> > The error message suggests "something" (rpc.idmapd ?)  is adding the
> > server !!!!  hostname (hinge) !!!! to the domainname which is causing
> > the problem.
> 
> Yup.
> 
> > Try putting just bolt (and not bolt.endoframe.net)
> > and no 192.168.1.21 hinge hinge.endoframe.net in /etc/hosts
> > and reboot
> 
> That was the first thing I tried. (Though I tried it again just for good
> measure.)  The additions of bold.endoframe.net and the entry for hinge
> were just experiments that had no discernible impact.
> 
> > My NFS server is also my NIS, dhcpd, samba and DNS server
> 
> My DNS server is on a separate box.  I'm not using DHCP.
> 
> > My NIS and DNS domains are both called jaa.org.uk
> 
> I'm close to changing my NIS domain to endoframe.net; but I doubt that's
> the problem.
> 
> > On my clients I have
> > naxos sysconfig 33# cat network
> > HOSTNAME=naxos
> > NETWORKING=yes
> > NISDOMAIN=jaa.org.uk
> 
> I was fully qualifying HOSTNAME here.  I'm not anymore.
> 
> > I am using network and NOT NetworkManager
> 
> I've changed from NetworkManager to network.  The only impact of that
> I've noticed was on clients, where ypbind wouldn't find the server at
> boot when using NetworkManager.
> 
> One thing I've noticed is that even though I've changed HOSTNAME
> in /etc/sysconfig/network to "hinge" (from "hinge.endoframe.net"),
> ypinit still sees "hinge.endoframe.net":
> 
>         # /usr/lib64/yp/ypinit -m
>         
>         At this point, we have to construct a list of the hosts which will run NIS
>         servers.  hinge.endoframe.net is in the list of NIS server hosts.  Please continue to add
>         the names for the other hosts, one per line.  When you are done with the
>         list, type a <control D>.
>         	next host to add:  hinge.endoframe.net
>         	next host to add:  
> 
> I am wondering if this could be related to the problem.  Do you know
> where ypinit picks up this name from?  I've seen some howtos where it is
> not fully qualified (e.g.,
> <http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch30_:_Configuring_NIS#Initialize_Your_NIS_Domain>).
> 
> -- 
> Braden McDaniel <braden at endoframe.com>
> 

>From my NIS notes to myself - I don't like the number much !

13. The NISDOMAIN (set in /etc/sysconfig/network) gets set (using nisdomainname)
        when "service ypbind start" runs NOT when "ypbind" or "ypbind -debug"   
        is run from the command line.                                           
        It may be necessary to set it by hand (or run /etc/rd.d/ypbind start) when debugging.

This note reflects a painful experiences not realising that
nisdomainname MUST be set before running ypinit !

So when generating the NIS maps the first time I run service ypbind start then stop
Check nisdomainname and then run /usr/lib64/yp/ypinit -m to create the maps
-----------------------------------------------------------

I am beginning to have a feeling that rpc.idmapd may have a bug in it or 
perhaps does not interact correctly with something new in F11

The man page for rpc.idmapd (and idmapd.conf) are completely obsolete as you can no longer
run it from a terminal in debug/interactive mode.

I have tried playing with the Domain parameter in /etc/idmapd.conf
but everything I try results in nobody entries

I feel I have been very lucky to have nfs4 mapping working at all !!!!
Understanding would be a bonus !

John

More information about the fedora-list mailing list