<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
On 05/13/2011 12:13 PM, nasir nasir wrote:
<blockquote cite="mid:560118.85737.qm@web161309.mail.bf1.yahoo.com"
type="cite">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="font: inherit;" valign="top">
<div>Adam,</div>
<div><br>
</div>
<div>Thanks indeed!</div>
<div><br>
</div>
<div>I tried your suggestions. </div>
<div><br>
</div>
<div> -- I can mkdir</div>
<div> -- When I try to chown, I get the following error</div>
<div><br>
</div>
<div>
<div><b>chown: changing ownership of `nasir': Operation
not permitted</b></div>
</div>
<div><br>
</div>
<div>Could you please explain me what do you mean by 'You
probably need rwx permissions in /etc/export' ? This is
my /etc/export file,</div>
</td>
</tr>
</tbody>
</table>
</blockquote>
<br>
see the '(rw' in those lines? That indicates read and write
privs, but not execute. <br>
<br>
I'm not an nfs guru, so I might be wrong. this post suggests that I
am wrong: <br>
<br>
<a class="moz-txt-link-freetext" href="http://jackhammer.org/node/7">http://jackhammer.org/node/7</a><br>
<br>
SInce IPA is managing the IDs, they should be in sync across the NFS
and autmounted client machines, but there might be something not
right in the setup. if the IPA server isn't managing the machine
that serves as your NFS server, then the IDs are certainly going to
be out of sync.<br>
<br>
<br>
<br>
<blockquote cite="mid:560118.85737.qm@web161309.mail.bf1.yahoo.com"
type="cite">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="font: inherit;" valign="top">
<div><br>
</div>
<div>
<div><b>/xtra
*(rw,fsid=0,insecure,no_root_squash,no_subtree_check)</b></div>
<div><b>/xtra
gss/krb5(rw,fsid=0,insecure,no_root_squash,no_subtree_check)</b></div>
<div><b>/xtra
gss/krb5i(rw,fsid=0,insecure,no_root_squash,no_subtree_check)</b></div>
<div><b>/xtra
gss/krb5p(rw,fsid=0,insecure,no_root_squash,no_subtree_check)</b></div>
</div>
<div><br>
</div>
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<div>Also, I have configured a separate client machine
(RHEL 6.1) and configured it as NFS server (previously
my NFS server was IPA server itself) and the result is
same. All the above commands are from this client
machine only.</div>
<div><br>
</div>
<div>Thanks indeed again!</div>
<div><br>
</div>
<div>Regards,</div>
<div>Nidal</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>
<blockquote style="border-left: 2px solid rgb(16, 16,
255); margin-left: 5px; padding-left: 5px;">
<div id="yiv1497137959">
<blockquote type="cite">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="font: inherit;" valign="top">
<div><font class="Apple-style-span"
size="2"><br>
</font> </div>
<div>
<div><b>oddjob-mkhomedir[16401]: error
setting permissions on /home/abc:
Operation not permitted</b></div>
</div>
</td>
</tr>
</tbody>
</table>
</blockquote>
<br>
It might be a root squash issue. My guess is that
the order of operations for creating a root
directory, which is done by root, is:<br>
<br>
1. mkdir /home/userid<br>
2. chown uid:gid /home/userid<br>
<br>
It sounds from the error message that the first
stage happened, but NFS is not allowing the second
stage. To confirm, as a root (and kinit admin)
user on the client machine, just try these two steps
in order and see if they still fail.<br>
<br>
chown is a different system call from mkdir, and
might have different nfs enforced permissions. You
probably need rwx permissions in /etc/export.</div>
<div id="yiv1497137959"> </div>
</blockquote>
</div>
</td>
</tr>
</tbody>
</table>
</blockquote>
<br>
</body>
</html>