during boot I got this message: cp: error while loading shared libraries: libnfsidmap.so.0 I traced that to /lib/rcscripts/addons/udev-start.sh:seed_dev() : # copy over any persistant things if [[ -d /lib/udev/devices ]] ; then cp --preserve=all --recursive --update /lib/udev/devices/* /dev fi I noticed that from coreutils /bin/cp, /bin/mv and /bin/ls all link to libnfsidmap.so.0, which is installed in /usr/lib but since on my system /usr is mounted on an LVM volume and udev-start.sh is run before filesystems are mounted libnfsidmap.so won't be available should I file a separate bug about net-libs/libnfsidmap requesting to have it installed into /lib ? Portage 2.1.1-r1 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.4-r3, 2.6.18-suspend2 i686) ================================================================= System uname: 2.6.18-suspend2 i686 Intel(R) Pentium(R) M processor 1.73GHz Gentoo Base System version 1.12.4 Last Sync: Wed, 27 Sep 2006 08:20:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] app-admin/eselect-compiler: [Not Present] dev-java/java-config: 1.3.7, 2.0.30 dev-lang/python: 2.4.3-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: [Not Present] dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.60 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.13-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17-r1 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -g -march=pentium-m -funit-at-a-time -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev" CXXFLAGS="-O2 -g -march=pentium-m -funit-at-a-time -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig candy collision-protect digest distcc distlocks metadata-transfer parallel-fetch prelink sandbox severe sfperms strict userpriv usersandbox" GENTOO_MIRRORS=" http://www.die.unipd.it/pub/Linux/distributions/gentoo-sources http://mirror.switch.ch/ftp/mirror/gentoo" LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" LINGUAS="en it" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from /etc/portage/rsync_excludes --human-readable --progress" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/overlays/e17 /usr/local/overlays/sunrise-reviewed /usr/local/overlays/bmg-main /usr/local/overlays/fluidportage /usr/local/overlays/xgl-coffee /usr/local/overlays/ste" SYNC="rsync://rsync1.it.gentoo.org/gentoo-portage" USE="x86 3dnow 7zip GAPING_SECURITY_HOLE X a52 aac aalib acl acpi adns aim alsa amr apache apache2 ares atk bash-completion bcmath berkdb bitmap-fonts bluetooth bonobo browserplugin bzip2 cairo caps cdda cddb cdparanoia cdr cli cpdflib crypt css ctype cups curl curlwrappers daap dba dbus dga divx4linux dlloader dmalloc dpms dri dts dv dvb dvd dvdr dvi eds elibc_glibc emacs emboss encode ethereal exif expat fam fbcon ffmpeg fftw figlet firefox flac fortran ftp galago gd gdbm geoip gif gimp gimpprint glitz gmp gnome gnomedb gnustep gphoto2 gpm gprof gps graphviz gs gsl gtk gtkhtml gtkspell guile hal iconv icq idn ieee1394 imagemagick imap imlib imlib2 inotify input_devices_evdev input_devices_keyboard input_devices_mouse input_devices_penmount input_devices_ps2mouse input_devices_synaptics ipod ipv6 irc irda isdnlog jabber javascript jpeg jpeg2k kdeenablefinal kdehiddenvisibility kernel_linux latex lcms leim lesstif libcaca libg++ libnotify linguas_en linguas_it live m17n-lib mad maildir matroska mime mmap mmx mng mono motif moznocompose moznoirc moznomail mozsvg mp3 mpeg msn multicall musepack musicbrainz mysql nautilus ncurses net network nfs nls nntp nptl nptlonly nsplugin ocaml offensive ogg openexr opengl pam pango pcmcia pcre pdf perl pic png pnp posix ppds pppd profile python qdbm qt3 quicktime readline reflection rss ruby samba sasl scanner sdl session shared silc skey slang slp smartcard smime smtp sockets socks5 speex spell spl sqlite sse sse2 ssl startup-notification svg swig sysfs syslog taglib tetex theora threads tidy tiff tokenizer truetype truetype-fonts trusted type1-fonts udev uim unicode urandom usb userland_GNU v4l v4l2 vcd vhosts video_cards_ati video_cards_radeon video_cards_vesa vorbis widescreen win32codecs wmf x264 xgetdefault xine xml xml2 xmlrpc xorg xpm xrandr xscreensaver xsl xv xvid xvmc yahoo zlib" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS
*** Bug 149543 has been marked as a duplicate of this bug. ***
*** Bug 159773 has been marked as a duplicate of this bug. ***
(In reply to comment #0) Same problem. > should I file a separate bug about net-libs/libnfsidmap requesting to have it > installed into /lib ? Then not only libnfsidmap should be in /lib, but also liblber, libldap, libssl, libcrypto (on my system for example). So it will be a bad idea, I think. You better reemerge libacl without nfs flag - then there will no this dependency and also this bug: http://bugs.gentoo.org/show_bug.cgi?id=162664
Any news on this?
nope ... as noted, moving libnfsidmap to / is not desirable due to all the baggage it can pull in
*** Bug 165546 has been marked as a duplicate of this bug. ***
This issue is a MAJOR f**kup -- we should do something about it. If you currently set up a new system with /usr on LVM and USE="acl nfs", your system fails to boot and is 100% unusable, it is even *unfixable* without external hands-on (like booting from a live-cd etc. and recompiling coreutils resp. acl) :(
Why not modify coreutils to build cp, mv, and ls statically?
Heath's idea seems to be a good compromise until a more time-proof solution is found. Don't you think ? This bug is still marked as new, is still problematic and is around since September 2006, which is 6 months from now ! Something has to be done about it... About the idea of moving libnfsidmap.so* to /lib, I don't understand why it could be an issue in the short / medium term. On my system, ldd for libnfsidmap.so reports dependencies on libc and ld.so only so it shouldn't be most of a problem (coreutils merged with USE flags acl nfs & xattr). Should it ?
forgot to say it was with coreutils-6.9... here is my emerge --info if it can be of any use... System up to date as of today for all the overlays btw. Portage 2.1.2.2 (default-linux/amd64/2006.1, gcc-4.1.2, glibc-2.5-r1, 2.6.20-suspend2-r3 x86_64) ================================================================= System uname: 2.6.20-suspend2-r3 x86_64 Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz Gentoo Base System release 1.12.9 Timestamp of tree: Mon, 26 Mar 2007 09:50:01 +0000 ccache version 2.4 [disabled] dev-java/java-config: 1.3.7, 2.0.31-r5 dev-lang/python: 2.4.4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r6 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17.50.0.14 sys-devel/gcc-config: 1.3.15-r1 sys-devel/libtool: 1.5.23b virtual/os-headers: 2.6.20-r2 ACCEPT_KEYWORDS="amd64 ~amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -fomit-frame-pointer" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/php/apache1-php5/ext-active/ /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-O2 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y" FEATURES="autoconfig collision-protect distlocks fixpackages metadata-transfer parallel-fetch sandbox sfperms strict" GENTOO_MIRRORS="http://gentoo.modulix.net/gentoo http://ftp.heanet.ie/mirrors/gentoo.org http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" LDFLAGS="-Wl,-O1 -Wl,--hash-style=both" LINGUAS="en fr" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/gentopia /usr/portage/local/layman/voip /usr/portage/local/layman/toolchain /usr/portage/local/layman/vmware /usr/portage/local/layman/enlightenment /usr/portage/local/layman/sunrise /usr/portage/local/layman/xeffects /usr/portage/local/layman/kde /usr/portage/local/layman/nouveau /usr/local/portage" SYNC="rsync://rsync4.fr.gentoo.org/gentoo-portage" USE="3ds 7zip X a52 aac aalib ace acl acpi addbookmarks aim akode alias alsa amarok amd64 amr amuled ao aoss aotuv apache apache2 arts asf asterisk async audacious audiofile autoipd autoreplace avahi background bash-completion bcmath bdf beagle berkdb binary-drivers binfilter bitmap-fonts bittorrent bl blender-game bluetooth bmg bonjour bookmarks bootsplash branding bzip2 cairo calendar cap caps ccache cdda cdinstall cdio cdparanoia cdr cdrom cdsound cegui cg chm chroot clamav cli connectionstatus contactnotes cracklib crypt cscope css ctype cups curl curlwrappers cursors daap dba dbm dbus decibel dedicated devil devmap dga dhcp dio discard-path djvu dlloader dmi dri dts dv dvb dvd dvdr dvdread dvi ecc emovix enca encode epson excel exif expat extraengine extrafilters extras fame fbsplash festival ffmpeg fftw finger firefox flac fontconfig foomaticdb force-cgi-redirect fortran fpx fr ftp fuse gadu galago gd gdbm gif gimp gimpprint glitz glut glx gmail gmp gnokii gnutls gphoto2 gpm graphviz groupwise gsm gtk gzip hal hash hfs highlight history hpn ical icons iconv icq idn ieee1394 imagemagick imlib imlib2 immqt-bc inkjar innodb inotify ipod ipv6 irc irda isdnlog ithreads java javascript jbig jce jikes jingle john jpeg jpeg2k kcal kde kdeenablefinal kdm kickoff lame latex lcms libedit libg++ libnotify libsamplerate lirc live lm_sensors logitech-mouse lua lzo lzw mad matroska max-idx-128 mbrola mhash midi mikmod mjpeg mmap mng mod modplug mono mozbranding mp3 mp4 mpeg mplayer mpm-prefork msn msnextras mtp musepack music musicbrainz mysql mysqli ncurses netmeeting network network_manager new-clx newspr nfs njb nls nntp no-old-linux nowlistening nptl nptlonly nsplugin ntfs ntlm ntlm_unsupported_patch numeric nvidia offensive ogg ogre ole openal openexr opengl p2p pam pam_chroot pam_console pcre pdf perl pertty php physfs plotutils png pnp posix postgres postscript ppds pppd python qt3 qt3support qt4 quicktime rar rdesktop readline reflection reiser4 reiserfs rle rtc rtsp ruby samba sametime scanner script sdk sdl sdl-sound sensord server session sharedext shout sid simplexml skey skins slang slp smime smp sms sndfile snmp soap sockets socks3035 socks5 sound sounds speech speex spell spl sql sqlite sqlite3 srvdir ssl statistics stream subp subtitles subversion svg syslog sysvipc t1lib tcl tcpd tetex texteffect theora threads threadsafe tidy tiff timidity tk tokenizer toolbar tordns translator transmitter transparency truetype truetype-fonts twolame type1-fonts ucs2 udev unicode unzip upnp urandom usb utempter utf8 v4l v4l2 vcd vdr vidcap vim vim-pager vim-syntax visualization vlm vorbis wavpack webpresence wifi winbind winpopup wma wmf wxwindows x264 xanim xattr xcomposite xerces-c xine xinerama xml xmldoclet xmlreader xmlrpc xmlwriter xorg xpm xscreensaver xsl xv xvid xvmc yahoo yv12 zeroconf zip zlib" ALSA_CARDS="mpu401 hda-intel usb-audio" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="mouse keyboard evdev wacom synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en fr" LIRC_DEVICES="serial sir userspace" USERLAND="GNU" VIDEO_CARDS="vesa nv nvidia v4l nouveau" Unset: CTARGET, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Any news on this one? I just build an initrd (with genkernel) to get a bootsplash. Everything was OK until I pressed F2. In verbose mode I started to see these libnfsidmap errors. System is still booteable and seems to work. Booting _without_ splash=... ; same kernel, same initrd, same videomode I see no errors. Is this just a bootsplash bug? Regards, Norberto
I'm sorry. I forgot to add myself to this bug
*** Bug 183598 has been marked as a duplicate of this bug. ***
What i did to fix my system that boots NFS Root then mount /usr on NFS is change net-libs/libnfsidmap ebuild install function to: src_install() { emake install DESTDIR="${D}" || die dodoc AUTHORS ChangeLog NEWS README # move shared libs to / dodir /$(get_libdir) mv "${D}"/usr/$(get_libdir)/*.so* "${D}"/$(get_libdir)/ || die "could not move shared" gen_usr_ldscript libnfsidmap.so } This one change is the difference between my machines booting over NFS or not. On some mythtv frontends (client machines) i have all of them sharing /usr to save disk space on the server.
*** Bug 198882 has been marked as a duplicate of this bug. ***
*** Bug 203096 has been marked as a duplicate of this bug. ***
So, vapier, are all of the solutions listed here not sane? If so, what can we do to fix this situation?
there are no solutions here as moving libnfsidmap into / is not really feasible as Alexander perfectly enumerated in comment #3 disabling USE=nfs for libacl via package.use.mask is probably the way to go
Blocking USE=nfs for ACL means that you can't use ACLs with NFSv4, which sucks too. Combining this this with libnfsidmap built with USE=ldap, means that libnfsidmap is linked against libldap, liblber, and because of those, also libssl and libcrypto. The only solution that solves both problems of booting and having ACL support for NFSv4, is moving those 4 libs into /lib/. crypto = 1.5M, lber = 56k, ldap = 223k, ssl = 308k. I've CC'd the ACL NFS patch author to here, and looking around, I see that Fedora dropped the ACL NFS patch for the same above reason.
that is why i said package.use.mask it. people are still free to unmask it on their platforms and get the functionality, it's just up to them to make sure their /usr is on the same partition as /. i've gone ahead and done this now. dont know how complicated the NFS4 patch is, but it could be given a small layer where it dlopen's things. the patch needs to be tweaked at any rate to touch configure so it's a proper build option instead of patching Makefile's to force it on all the time.
The patch in question does some complicated translation to make it possible for a user to manipulate nfsv4 acls as if they were (less complicated) posix acls. There's a separate package: http://www.citi.umich.edu/projects/nfsv4/linux/nfs4-acl-tools/ which provides client tools (gui and commandline) for manipulating nfsv4 acls directly without a translation layer on the client. (The linux server still does similar translation.) Due to its obvious problems and limited purpose, the nfsv4<->posix-translation patch is something that should applied only for users that are interested in NFSv4 specifically, aren't satisfied by the nfsv4 acl-specific tools at the url above, and understand that this particular patch is experimental. There's some work ongoing to make the annoying dependencies run-time instead of compile-time; that should be announced on nfsv4@linux-nfs.org when it's ready.
the nfs4-acl-tools package is in the tree ... that would seem to fill the gap for people who need it the only advantage i can think of off the top of my head is that being in libacl allows standard utilities to copy things (like cp or rsync)
Note: The just added "sys-apps/acl nfs" mask in base/package.use.mask has a rather undesirable effect: It blocks nfs+acl also for NFSv3, not just NFSv4 where libnfsidmap is required. Thus it breaks existing functionality for NFS3 users who weren't affected by the libnfsidmap problem in the first place. (Here, it broke backups, due to a "setfacl -m g:backup:rw- ..." failing). Perhaps sys-apps/acl could also use the nonfsv4 USE flag which nfs-tools uses, and if set, allow acl without libnfsidmap?
that really doesnt make sense. you either get nfs support in libacl or you dont. there is no "it works for nfsv3 but not nfsv4". libacl either supports nfs via libnfsidmap and thus has the /usr issue or it doesnt. i dont know what magic you expect to get by renaming the USE flag.
NFSv2/v3 use exactly the same user<->kernel interface for acls as do ext3 and other linux filesystems that support posix acls. It's only NFSv4 that's special. So if you have libacl (and libacl support in cp, ls, etc.), then you've got all you need for v2 and v3.
*** Bug 210091 has been marked as a duplicate of this bug. ***
bfields: has upstream made any progress on this per your comment #21 that was looking into making the deps runtime instead of buildtime?
I haven't been following this as closely as I should, but I *believe* that libnfsidmap now loads the libraries it needs with dlopen() at runtime. So the dependency on libnfsidmap is still there, but it shouldn't depend on as much (in particular, it shouldn't have a compile-time dependency on krb5 any more). So, it would be worth retrying with the latest libnfsidmap (>=0.21).
ping
Is this still a problem today? Comment #28 mentions improvements.
the nfs flag has been dropped from sys-apps/acl so it's no longer an issue
