NFS is having a strange Permission Problem which doesnt seem to have a logical error source. Owner of /home/<user> are on both sys the same (pw, uid, name) but not when the share is mounted (see more in additionel) Reproducible: Always Steps to Reproduce: 1.mount host:/home /home 2.log on via gdm 3. Actual Results: I am getting permission errors and problems when i want to change something. Expected Results: Normal working without warnings and permission problems like when i use the local /home I got an NFS Server which shares the /home folder in the Network server ~ # cat /etc/exports # /etc/exports: NFS file systems being exported. See exports(5). # Home Verzeichnis /home 192.168.1.0/16(rw,async) On the server as on the client there both my <user> with the same passwort and uid (1000) in the passwd db. When i now want to "mount 192.168.178.3:/home /home" everything I am getting the warning that the owner and permissions of ".dmrc" are setted wrong and because of this ignored. The strange is that on server my username is the owner but when i want to ls on the client theres no username but a numbercode. but see self: server ~ # ls -al /home/<user> insgesamt 172 drwxr-xr-x 30 <user> <user> 4096 13. Mai 21:02 . drwxrwxrwx 5 root root 4096 13. Mai 17:41 .. -rw------- 1 <user> <user> 2902 13. Mai 21:02 .ICEauthority drwx------ 3 <user> <user> 4096 12. Mai 22:08 .adobe -rw------- 1 <user> <user> 66 13. Mai 17:57 .bash_history drwx------ 5 <user> <user> 4096 12. Mai 22:09 .cache drwxr-xr-x 12 <user> <user> 4096 13. Mai 15:58 .config drwx------ 3 <user> <user> 4096 12. Mai 21:18 .dbus -rw------- 1 <user> <user> 26 13. Mai 17:41 .dmrc drwxr-xr-x 4 <user> <user> 4096 12. Mai 22:13 .emerald drwx------ 4 <user> <user> 4096 13. Mai 21:02 .gconf drwx------ 2 <user> <user> 4096 13. Mai 21:06 .gconfd -rw-r----- 1 <user> <user> 0 13. Mai 16:10 .gksu.lock drwx------ 6 <user> <user> 4096 13. Mai 17:57 .gnome2 drwx------ 2 <user> <user> 4096 13. Mai 16:04 .gnome2_private drwxr-xr-x 2 <user> <user> 4096 12. Mai 21:18 .gstreamer-0.10 drwxr-xr-x 2 <user> <user> 4096 12. Mai 22:11 .icons drwxr-xr-x 3 <user> <user> 4096 12. Mai 21:18 .local drwx------ 3 <user> <user> 4096 12. Mai 22:08 .macromedia drwxr-xr-x 2 <user> <user> 4096 13. Mai 15:58 .mplayer drwxr-xr-x 2 <user> <user> 4096 12. Mai 21:18 .nautilus drwx------ 3 <user> <user> 4096 12. Mai 21:18 .pki drwx------ 2 <user> <user> 4096 13. Mai 16:26 .ssh drwxr-xr-x 2 <user> <user> 4096 12. Mai 22:11 .themes drwx------ 3 <user> <user> 4096 12. Mai 22:11 .thumbnails -rw-r--r-- 1 <user> <user> 1817 13. Mai 21:03 .xsession-errors everthing normal but on the client it looks completly different: ls -al /home/<user> insgesamt 172 drwxr-xr-x 30 4294967294 4294967294 4096 13. Mai 21:02 . drwxrwxrwx 5 4294967294 4294967294 4096 13. Mai 17:41 .. -rw------- 1 4294967294 4294967294 2902 13. Mai 21:02 .ICEauthority drwx------ 3 4294967294 4294967294 4096 12. Mai 22:08 .adobe -rw------- 1 4294967294 4294967294 66 13. Mai 17:57 .bash_history drwx------ 5 4294967294 4294967294 4096 12. Mai 22:09 .cache drwxr-xr-x 12 4294967294 4294967294 4096 13. Mai 15:58 .config drwx------ 3 4294967294 4294967294 4096 12. Mai 21:18 .dbus -rw------- 1 4294967294 4294967294 26 13. Mai 17:41 .dmrc drwxr-xr-x 4 4294967294 4294967294 4096 12. Mai 22:13 .emerald drwx------ 4 4294967294 4294967294 4096 13. Mai 21:02 .gconf drwx------ 2 4294967294 4294967294 4096 13. Mai 21:06 .gconfd -rw-r----- 1 4294967294 4294967294 0 13. Mai 16:10 .gksu.lock drwx------ 6 4294967294 4294967294 4096 13. Mai 17:57 .gnome2 drwx------ 2 4294967294 4294967294 4096 13. Mai 16:04 .gnome2_private drwxr-xr-x 2 4294967294 4294967294 4096 12. Mai 21:18 .gstreamer-0.10 drwxr-xr-x 2 4294967294 4294967294 4096 12. Mai 22:11 .icons drwxr-xr-x 3 4294967294 4294967294 4096 12. Mai 21:18 .local drwx------ 3 4294967294 4294967294 4096 12. Mai 22:08 .macromedia drwxr-xr-x 2 4294967294 4294967294 4096 13. Mai 15:58 .mplayer drwxr-xr-x 2 4294967294 4294967294 4096 12. Mai 21:18 .nautilus drwx------ 3 4294967294 4294967294 4096 12. Mai 21:18 .pki drwx------ 2 4294967294 4294967294 4096 13. Mai 16:26 .ssh drwxr-xr-x 2 4294967294 4294967294 4096 12. Mai 22:11 .themes drwx------ 3 4294967294 4294967294 4096 12. Mai 22:11 .thumbnails -rw-r--r-- 1 4294967294 4294967294 1817 13. Mai 21:03 .xsession-errors When i mount /home with samba/cifs there arent any problems like this. I already searched for hours in google but didnt found anything similar so i opened a bug even if it could be its just a stupid configuration error from me regard
Make sure you have set proper domain in /etc/idmapd.conf (Must be the same on both nodes) and that rpcbind is running.
thankyou for the quick answer :) should i also uncomment the nfs4 options? cat /etc/idmapd.conf [General] #Verbosity = 0 # The following should be set to the local NFSv4 domain name # The default is the host's DNS domain name. Domain = local.domain.de #The following is a comma-separated list of Kerberos realm # names that should be considered to be equivalent to the # local realm, such that <user>@REALM.A can be assumed to # be the same user as <user>@REALM.B # If not specified, the default local realm is the domain name, # which defaults to the host's DNS domain name, # translated to upper-case. # Note that if this value is specified, the local realm name # must be included in the list! #Local-Realms = [Mapping] #Nobody-User = nobody #Nobody-Group = nobody [Translation] # Translation Method is an comma-separated, ordered list of # translation methods that can be used. Distributed methods # include "nsswitch", "umich_ldap", and "static". Each method # is a dynamically loadable plugin library. # New methods may be defined and inserted in the list. # The default is "nsswitch". #Method = nsswitch # Optional. This is a comma-separated, ordered list of # translation methods to be used for translating GSS # authenticated names to ids. # If this option is omitted, the same methods as those # specified in "Method" are used. #GSS-Methods = <alternate method list for translating GSS names> #-------------------------------------------------------------------# # The following are used only for the "static" Translation Method. #-------------------------------------------------------------------# [Static] # A "static" list of GSS-Authenticated names to # local user name mappings #someuser@REALM = localuser #-------------------------------------------------------------------# # The following are used only for the "umich_ldap" Translation Method. #-------------------------------------------------------------------# [UMICH_SCHEMA] # server information (REQUIRED) LDAP_server = ldap-server.local.domain.edu # the default search base (REQUIRED) LDAP_base = dc=local,dc=domain,dc=edu #-----------------------------------------------------------# # The remaining options have defaults (as shown) # and are therefore not required. #-----------------------------------------------------------# # whether or not to perform canonicalization on the # name given as LDAP_server #LDAP_canonicalize_name = true # absolute search base for (people) accounts #LDAP_people_base = <LDAP_base> # absolute search base for groups #LDAP_group_base = <LDAP_base> # Set to true to enable SSL - anything else is not enabled #LDAP_use_ssl = false # You must specify a CA certificate location if you enable SSL #LDAP_ca_cert = /etc/ldapca.cert # Objectclass mapping information # Mapping for the person (account) object class #NFSv4_person_objectclass = NFSv4RemotePerson # Mapping for the nfsv4name attribute the person object #NFSv4_name_attr = NFSv4Name # Mapping for the UID number #NFSv4_uid_attr = UIDNumber # Mapping for the GSSAPI Principal name #GSS_principal_attr = GSSAuthName # Mapping for the account name attribute (usually uid) # The value for this attribute must match the value of # the group member attribute - NFSv4_member_attr #NFSv4_acctname_attr = uid # Mapping for the group object class #NFSv4_group_objectclass = NFSv4RemoteGroup # Mapping for the GID attribute #NFSv4_gid_attr = GIDNumber # Mapping for the Group NFSv4 name #NFSv4_group_attr = NFSv4Name # Mapping for the Group member attribute (usually memberUID) # The value of this attribute must match the value of NFSv4_acctname_attr #NFSv4_member_attr = memberUID rpcbind is running but i am getting the error: rpcbind: cannot create socket for tdp6 rpcbind: cannot create socket for udp6 I googled already a little but didnt found a clear workaround. regards
(In reply to comment #3) You haven't written if setting domain helped... Those warning are related to IPv6, if you're not using it, you can ignore it. Either way that doesn't look like bug in nfs-utils so bugs.gentoo.org is not a place to seek a solution. I'll close this bug now. If you need any help regarding nfs please poke me at #gentoo-cluster @irc.freenode.net or directly via mail. Best regards, Kacper Kowalik
Setting Domain in /etc/idmapd.conf doesn't help. The setting is ignored, and this can be seen by setting Verbosity = 3 and /etc/init.d/rpc.idmapd restart --- rpc.idnapd reports that the domain isn't set and is defaulting to localdomain.
