[rhelv6-list] NFS ID map?
Joshua Baker-LePain
jlb17 at duke.edu
Tue Oct 22 19:29:40 UTC 2013
On Tue, 22 Oct 2013 at 12:19pm, Chris Adams wrote
> Once upon a time, Chris Adams <linux at cmadams.net> said:
>> Oh, I figured out my problem - this temporary/migration export is on a
>> different subnet, and my fsid=0 export was was only for the new subnet.
>> D'oh! Fixed that, and NFSv4, and ID mapping (with the default config),
>> are now working. Now, on with the (migration) show!
>
> Well, I thought ID mapping was working. "ls" shows the right user, but
> I can't actually access directories as that user on the NFS client:
>
> $ id
> uid=500(vmail) gid=500(vmail) groups=500(vmail)
> $ ls -ld tmp
> drwx------ 2 vmail vmail 4096 Oct 22 14:09 tmp
> $ ls -l tmp
> ls: tmp: Permission denied
>
> The vmail user/group is 1000 on the NFS server. Why would the
> translation work for stat() calls from ls, but not when I try to
> actually access the files?
Are you using Kerberos with NFSv4? If not, then the numeric UIDs and GIDs
still must match. idmapd *will* map usernames for display purposes (i.e.
what 'ls -l' sees), but the numeric IDs are still used for permissions.
Clear as mud, ain't it?
At least, that's my experience of it...
--
Joshua Baker-LePain
QB3 Shared Cluster Sysadmin
UCSF
More information about the rhelv6-list
mailing list