[rhelv6-list] NFS ID map?
Bryan J Smith
b.j.smith at ieee.org
Tue Oct 22 18:51:51 UTC 2013
Both RHEL5 and RHEL6 work fine with NFS4. Although RHEL4 is capable
of supporting NFS4, I don't recommend it.
So ... are you sure you're actually getting NFS4 on RHEL6? Check with
/proc/mounts to be sure. ;)
Long story short ... file system type "nfs" during mount differs on
RHEL6 from RHEL5. You use "nfs" with option "vers=4" and not just
type "nfs4" on RHEL6. In fact, although don't quote me, but I think
nfs4 = nfs on RHEL6, with the "vers=" being everything.
Another reason I say this ... NFS4 exports work completely _different_
than NFSv3. You _must_ use fsid=0 and mount on the server under that
tree. That's completely different than NFSv3. One can use bind
mounts to solve such, but it also offers the nice feature of no longer
having to export everything.
Here's an example /etc/export from one of my servers. Note the
differences in not just fsid, but "subtree_check,crossmnt" (NFS4) and
"no_subtreecheck" (NFSv3).
#
# /etc/exports
#
# NFS4 fsid=0
# - First line is read-write w/full privacy (auth/auth/crypt/sign),
# but requires gss/krb5 (Kerberos)
# - Second line trusts a subnet (a.b.c.d/cidr) for read-only,
# but the idmapd domains/realm aliases must still match
/exports
gss/krb5p(rw,insecure,no_root_squash,subtree_check,crossmnt,fsid=0) \
172.16.x.x/20(ro,insecure,root_squash,subtree_check,crossmnt,fsid=0)
#
# NFSv3 fsid=3xxx
# - Legacy exports for NFSv3, one per share, read-only
/exports/share1
172.16.x.x/20(ro,insecure,no_subtree_check,no_root_squash,nohide,fsid=3010)
/exports/share2
172.16.x.x/20(ro,insecure,no_subtree_check,no_root_squash,nohide,fsid=3020)
/exports/share3
172.16.x.x/20(ro,insecure,no_subtree_check,no_root_squash,nohide,fsid=3030)
--
Bryan J Smith - Professional, Technical Annoyance
b.j.smith at ieee.org - http://www.linkedin.com/in/bjsmith
More information about the rhelv6-list
mailing list