Summary: | NFS permission problem (uid) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | selberbauer <kyogron> |
Component: | [OLD] Server | Assignee: | Gentoo Linux bug wranglers <bug-wranglers> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | xarthisius |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
selberbauer
2011-05-13 19:18:03 UTC
Make sure you have set proper domain in /etc/idmapd.conf (Must be the same on both nodes) and that rpcbind is running. thankyou for the quick answer :) should i also uncomment the nfs4 options? cat /etc/idmapd.conf [General] #Verbosity = 0 # The following should be set to the local NFSv4 domain name # The default is the host's DNS domain name. Domain = local.domain.de #The following is a comma-separated list of Kerberos realm # names that should be considered to be equivalent to the # local realm, such that <user>@REALM.A can be assumed to # be the same user as <user>@REALM.B # If not specified, the default local realm is the domain name, # which defaults to the host's DNS domain name, # translated to upper-case. # Note that if this value is specified, the local realm name # must be included in the list! #Local-Realms = [Mapping] #Nobody-User = nobody #Nobody-Group = nobody [Translation] # Translation Method is an comma-separated, ordered list of # translation methods that can be used. Distributed methods # include "nsswitch", "umich_ldap", and "static". Each method # is a dynamically loadable plugin library. # New methods may be defined and inserted in the list. # The default is "nsswitch". #Method = nsswitch # Optional. This is a comma-separated, ordered list of # translation methods to be used for translating GSS # authenticated names to ids. # If this option is omitted, the same methods as those # specified in "Method" are used. #GSS-Methods = <alternate method list for translating GSS names> #-------------------------------------------------------------------# # The following are used only for the "static" Translation Method. #-------------------------------------------------------------------# [Static] # A "static" list of GSS-Authenticated names to # local user name mappings #someuser@REALM = localuser #-------------------------------------------------------------------# # The following are used only for the "umich_ldap" Translation Method. #-------------------------------------------------------------------# [UMICH_SCHEMA] # server information (REQUIRED) LDAP_server = ldap-server.local.domain.edu # the default search base (REQUIRED) LDAP_base = dc=local,dc=domain,dc=edu #-----------------------------------------------------------# # The remaining options have defaults (as shown) # and are therefore not required. #-----------------------------------------------------------# # whether or not to perform canonicalization on the # name given as LDAP_server #LDAP_canonicalize_name = true # absolute search base for (people) accounts #LDAP_people_base = <LDAP_base> # absolute search base for groups #LDAP_group_base = <LDAP_base> # Set to true to enable SSL - anything else is not enabled #LDAP_use_ssl = false # You must specify a CA certificate location if you enable SSL #LDAP_ca_cert = /etc/ldapca.cert # Objectclass mapping information # Mapping for the person (account) object class #NFSv4_person_objectclass = NFSv4RemotePerson # Mapping for the nfsv4name attribute the person object #NFSv4_name_attr = NFSv4Name # Mapping for the UID number #NFSv4_uid_attr = UIDNumber # Mapping for the GSSAPI Principal name #GSS_principal_attr = GSSAuthName # Mapping for the account name attribute (usually uid) # The value for this attribute must match the value of # the group member attribute - NFSv4_member_attr #NFSv4_acctname_attr = uid # Mapping for the group object class #NFSv4_group_objectclass = NFSv4RemoteGroup # Mapping for the GID attribute #NFSv4_gid_attr = GIDNumber # Mapping for the Group NFSv4 name #NFSv4_group_attr = NFSv4Name # Mapping for the Group member attribute (usually memberUID) # The value of this attribute must match the value of NFSv4_acctname_attr #NFSv4_member_attr = memberUID rpcbind is running but i am getting the error: rpcbind: cannot create socket for tdp6 rpcbind: cannot create socket for udp6 I googled already a little but didnt found a clear workaround. regards (In reply to comment #3) You haven't written if setting domain helped... Those warning are related to IPv6, if you're not using it, you can ignore it. Either way that doesn't look like bug in nfs-utils so bugs.gentoo.org is not a place to seek a solution. I'll close this bug now. If you need any help regarding nfs please poke me at #gentoo-cluster @irc.freenode.net or directly via mail. Best regards, Kacper Kowalik Setting Domain in /etc/idmapd.conf doesn't help. The setting is ignored, and this can be seen by setting Verbosity = 3 and /etc/init.d/rpc.idmapd restart --- rpc.idnapd reports that the domain isn't set and is defaulting to localdomain. |