NFS4 home mounts owned by nfsnobody

John Austin ja at jaa.org.uk
Thu Jun 25 10:40:28 UTC 2009 

On Thu, 2009-06-25 at 10:34 +0100, John Austin wrote:
> On Thu, 2009-06-25 at 01:15 -0400, Braden McDaniel wrote:
> > On Wed, 2009-06-24 at 20:53 +0100, John Austin wrote: 
> > > On Wed, 2009-06-24 at 14:15 -0400, Braden McDaniel wrote:
> > 
> > [snip]
> > 
> > > > I have a similar error message:
> > > > 
> > > >         Jun 24 13:49:57 bolt rpc.idmapd[2481]: nss_getpwnam: name 'braden at hinge.endoframe.net' does not map into domain 'endoframe.net'
> > > > 
> > > > hinge is my NIS server machine (as well as the NFS server); this error
> > > > message occurs on the client.  Adding an entry for hinge to /etc/hosts
> > > > does not appear to have changed this.
> > > > 
> > > >         # cat /etc/hosts
> > > >         127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 bolt bolt.endoframe.net
> > > >         ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
> > > >         192.168.1.21 hinge hinge.endoframe.net
> > > > 
> > > 
> > > 
> > > The error message suggests "something" (rpc.idmapd ?)  is adding the
> > > server !!!!  hostname (hinge) !!!! to the domainname which is causing
> > > the problem.
> > 
> > Yup.
> > 
> > > Try putting just bolt (and not bolt.endoframe.net)
> > > and no 192.168.1.21 hinge hinge.endoframe.net in /etc/hosts
> > > and reboot
> > 
> > That was the first thing I tried. (Though I tried it again just for good
> > measure.)  The additions of bold.endoframe.net and the entry for hinge
> > were just experiments that had no discernible impact.
> > 
> > > My NFS server is also my NIS, dhcpd, samba and DNS server
> > 
> > My DNS server is on a separate box.  I'm not using DHCP.
> > 
> > > My NIS and DNS domains are both called jaa.org.uk
> > 
> > I'm close to changing my NIS domain to endoframe.net; but I doubt that's
> > the problem.
> > 
> > > On my clients I have
> > > naxos sysconfig 33# cat network
> > > HOSTNAME=naxos
> > > NETWORKING=yes
> > > NISDOMAIN=jaa.org.uk
> > 
> > I was fully qualifying HOSTNAME here.  I'm not anymore.
> > 
> > > I am using network and NOT NetworkManager
> > 
> > I've changed from NetworkManager to network.  The only impact of that
> > I've noticed was on clients, where ypbind wouldn't find the server at
> > boot when using NetworkManager.
> > 
> > One thing I've noticed is that even though I've changed HOSTNAME
> > in /etc/sysconfig/network to "hinge" (from "hinge.endoframe.net"),
> > ypinit still sees "hinge.endoframe.net":
> > 
> >         # /usr/lib64/yp/ypinit -m
> >         
> >         At this point, we have to construct a list of the hosts which will run NIS
> >         servers.  hinge.endoframe.net is in the list of NIS server hosts.  Please continue to add
> >         the names for the other hosts, one per line.  When you are done with the
> >         list, type a <control D>.
> >         	next host to add:  hinge.endoframe.net
> >         	next host to add:  
> > 
> > I am wondering if this could be related to the problem.  Do you know
> > where ypinit picks up this name from?  I've seen some howtos where it is
> > not fully qualified (e.g.,
> > <http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch30_:_Configuring_NIS#Initialize_Your_NIS_Domain>).
> > 
> > -- 
> > Braden McDaniel <braden at endoframe.com>
> > 
> 
> >From my NIS notes to myself - I don't like the number much !
> 
> 13. The NISDOMAIN (set in /etc/sysconfig/network) gets set (using nisdomainname)
>         when "service ypbind start" runs NOT when "ypbind" or "ypbind -debug"   
>         is run from the command line.                                           
>         It may be necessary to set it by hand (or run /etc/rd.d/ypbind start) when debugging.
> 
> This note reflects a painful experiences not realising that
> nisdomainname MUST be set before running ypinit !
> 
> So when generating the NIS maps the first time I run service ypbind start then stop
> Check nisdomainname and then run /usr/lib64/yp/ypinit -m to create the maps
> -----------------------------------------------------------
> 
> I am beginning to have a feeling that rpc.idmapd may have a bug in it or 
> perhaps does not interact correctly with something new in F11
> 
> The man page for rpc.idmapd (and idmapd.conf) are completely obsolete as you can no longer
> run it from a terminal in debug/interactive mode.
> 
> I have tried playing with the Domain parameter in /etc/idmapd.conf
> but everything I try results in nobody entries
> 
> I feel I have been very lucky to have nfs4 mapping working at all !!!!
> Understanding would be a bonus !
> 
> John
> 
I've found my problem - not that I had one !!
Just a total lack of awareness !!

I did not have

Domain = jaa.org.uk

in /etc/idmapd.conf on the Server and all the clients !!!!

Mine must have defaulted to the correct value somehow under F11
with the /etc/hosts entry set.
Whereas F10 seemed to work anyway

Learn something new every day !!

Is your problem the same ?

John

More information about the fedora-list mailing list