[OmniOS-discuss] NFSv4 id mapping only working on client but not server?

Ian Kaufman ikaufman at eng.ucsd.edu
Mon Dec 8 16:54:10 UTC 2014


No, what we are saying is NFSv4 and RPC are not compatible right now,
and thus AUTH_SYS/AUTH_UNIX will not map UIDs by name, but by number
over RPC. If you are not going to use Kerberos or LDAP, then you need
to sync UIDs/UIDNumber in /etc/passwd. It's not that Solaris and Linux
are incompatible, it's that RPC does not support NFSv4.

Ian

On Mon, Dec 8, 2014 at 5:25 AM, John Klimek <jklimek at gmail.com> wrote:
> Thanks everybody.
>
> Are you guys saying that Solaris and Linux are incompatible for sharing
> NFSv4 ACLs (because of RPC differences, etc) ?
>
> On Sun, Dec 7, 2014 at 5:43 PM, Frank Pittel <fwp at deepthought.com> wrote:
>>
>> I've tried doing this with NFS4 a couple of years ago and what I found was
>> that
>> while the UID mapping worked for things like "ls" anytime you tried to
>> actually
>> do anything with the file RPC calls were made and since that's outside of
>> NFS they
>> failed.
>>
>> It was a couple of years ago now since I went through it but the upshot is
>> that
>> at least then uid mapping didn't work in any meaningful way!
>>
>> The Other Frank
>>
>>
>>
>> On Thu, Dec 04, 2014 at 01:55:11PM -0500, John Klimek wrote:
>> > Thanks, I will give this a try.
>> >
>> > However, when I create a file if I check the acl on Omni, it does have
>> > extended permissions and looks correct.  It's only the uid and gid that
>> > I'm
>> > trying to get mapped correctly.
>> >
>> > Do you still think that noacl will solve that problem?
>> >
>> > (I'm migrating some virtual machines so I can't try out the setting you
>> > mentioned until a few more minutes...)
>> >
>> > On Thu, Dec 4, 2014 at 1:37 PM, Michael Rasmussen <mir at miras.org> wrote:
>> >
>> > > On Thu, 4 Dec 2014 13:20:04 -0500
>> > > John Klimek <jklimek at gmail.com> wrote:
>> > >
>> > > >
>> > > > What can I have setup wrong?
>> > > >
>> > > > I can't find any debugging or logging options for nfsmapid...
>> > > >
>> > > > Also, does the uidmap and gidmap share.nfs options only work for
>> > > > NFSv3?
>> > > Solaris and derivatives implementation of NFS ACL is not compliant to
>> > > the
>> > > Linux NFS ACL.
>> > > More directly it is the ACL in Linux which is not POSIX conformant so
>> > > to
>> > > avoid problems you
>> > > should add the mount option noacl in your Linux fstab file. Noacl will
>> > > instruct Omnios NFS
>> > > to revert to plain old uid/gid.
>> > >
>> > > --
>> > > Hilsen/Regards
>> > > Michael Rasmussen
>> > >
>> > > Get my public GnuPG keys:
>> > > michael <at> rasmussen <dot> cc
>> > > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD3C9A00E
>> > > mir <at> datanom <dot> net
>> > > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE501F51C
>> > > mir <at> miras <dot> org
>> > > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE3E80917
>> > > --------------------------------------------------------------
>> > > /usr/games/fortune -es says:
>> > > Don't just echo the code with comments - make every comment count.
>> > >             - The Elements of Programming Style (Kernighan & Plaugher)
>> > >
>> > > _______________________________________________
>> > > OmniOS-discuss mailing list
>> > > OmniOS-discuss at lists.omniti.com
>> > > http://lists.omniti.com/mailman/listinfo/omnios-discuss
>> > >
>> > >
>>
>> > _______________________________________________
>> > OmniOS-discuss mailing list
>> > OmniOS-discuss at lists.omniti.com
>> > http://lists.omniti.com/mailman/listinfo/omnios-discuss
>>
>
>
> _______________________________________________
> OmniOS-discuss mailing list
> OmniOS-discuss at lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
>



-- 
Ian Kaufman
Research Systems Administrator
UC San Diego, Jacobs School of Engineering ikaufman AT ucsd DOT edu


More information about the OmniOS-discuss mailing list