Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
nfs4 and no authorization
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 10:02 am    Post subject: nfs4 and no authorization Reply with quote

Now, when I finally mount the appropriate user, but only root can write. For others, it is read-only. Also for the mapped user "vdr". Can someone give me as a tip, could be where the error? Or how to find out?

Code:
ls -la /var/vdr/video/
insgesamt 23612
drwxr-xr-x 15 vdr vdr      736 19. Feb 10:55 .
drwxr-xr-x  8 vdr vdr     4096 18. Feb 20:49 ..
-rw-r--r--  1 vdr vdr        0 19. Feb 10:55 .update
-rw-r--r--  1 vdr vdr 24144630 19. Feb 10:46 epg.data
-rw-r--r--  1 vdr vdr      323 19. Feb 09:52 h.1
-rw-r--r--  1 vdr vdr      297 12. Feb 23:07 xineliboutput@192.168.1.2.sdp

Code:
ls -l > /var/vdr/video/test.txt
-su: /var/vdr/video/test.txt: Keine Berechtigung

Code:
grep vdr /etc/fstab
192.168.1.2:/video    /var/vdr/video    nfs4    auto,soft,bg,nosuid    0 0

Code:
df -m | grep vdr
192.168.1.2:/video           716779   70839    645940   10% /var/vdr/video

And on Server:
Code:
cat /etc/exports
# /etc/exports: NFS file systems being exported.  See exports(5).
/exports        192.168.1.0/255.255.255.0(rw,no_subtree_check,no_root_squash,async,fsid=0,secure,nohide)
/exports/video  192.168.1.0/255.255.255.0(rw,no_subtree_check,no_root_squash,async,nohide,secure,nohide)
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2012 11:54 am    Post subject: Reply with quote

what does mount return on the client?
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 12:09 pm    Post subject: Reply with quote

Code:
#~ mount /var/vdr/video/
#~ echo $?
0
# ~

Nothing else.

In messages:
Code:
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: New client: 65
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: Opened /var/lib/nfs/rpc_pipefs/nfs/clnt65/idmap
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: New client: 66
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nss_getpwnam: name 'root@vdr.zoo.tom' domain 'vdr.zoo.tom': resulting localname 'root'
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_uid: final return value is 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: Client 65: (user) name "root@vdr.zoo.tom" -> id "0"
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: calling nsswitch->name_to_gid
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: nsswitch->name_to_gid returned 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: final return value is 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: Client 65: (group) name "root@vdr.zoo.tom" -> id "0"
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nss_getpwnam: name 'vdr@vdr.zoo.tom' domain 'vdr.zoo.tom': resulting localname 'vdr'
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_uid: final return value is 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: Client 65: (user) name "vdr@vdr.zoo.tom" -> id "102"
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: calling nsswitch->name_to_gid
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: nsswitch->name_to_gid returned 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: final return value is 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: Client 65: (group) name "vdr@vdr.zoo.tom" -> id "410"
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: New client: 67
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: Stale client: 66
Feb 19 13:08:20 wiesel rpc.idmapd[11037]:       -> closed /var/lib/nfs/rpc_pipefs/nfs/clnt66/idmap


And messages on server:
Code:
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfsdcb: authbuf=192.168.1.0/255.255.255.0 authtype=user
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_uid_to_name: calling nsswitch->uid_to_name
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_uid_to_name: nsswitch->uid_to_name returned 0
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_uid_to_name: final return value is 0
Feb 19 13:08:20 lux rpc.idmapd[7712]: Server : (user) id "0" -> name "root@vdr.zoo.tom"
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfsdcb: authbuf=192.168.1.0/255.255.255.0 authtype=group
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_gid_to_name: calling nsswitch->gid_to_name
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_gid_to_name: nsswitch->gid_to_name returned 0
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_gid_to_name: final return value is 0
Feb 19 13:08:20 lux rpc.idmapd[7712]: Server : (group) id "0" -> name "root@vdr.zoo.tom"
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfsdcb: authbuf=192.168.1.0/255.255.255.0 authtype=user
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_uid_to_name: calling nsswitch->uid_to_name
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_uid_to_name: nsswitch->uid_to_name returned 0
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_uid_to_name: final return value is 0
Feb 19 13:08:20 lux rpc.idmapd[7712]: Server : (user) id "117" -> name "vdr@vdr.zoo.tom"
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfsdcb: authbuf=192.168.1.0/255.255.255.0 authtype=group
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_gid_to_name: calling nsswitch->gid_to_name
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_gid_to_name: nsswitch->gid_to_name returned 0
Feb 19 13:08:20 lux rpc.idmapd[7712]: nfs4_gid_to_name: final return value is 0
Feb 19 13:08:20 lux rpc.idmapd[7712]: Server : (group) id "989" -> name "vdr@vdr.zoo.tom"


On both:
Code:
grep -v '^#' /etc/idmapd.conf | grep -v '^$'
[General]
Verbosity = 10
Domain = vdr.zoo.tom
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
[Mapping]
Nobody-User = nobody
Nobody-Group = nobody
[Translation]
 
[Static]
[UMICH_SCHEMA]
LDAP_server = ldap-server.vdr.zoo.tom
LDAP_base = dc=vdr,dc=zoo,dc=tom
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2012 12:25 pm    Post subject: Reply with quote

LinuxTom wrote:
Code:
#~ mount /var/vdr/video/
#~ echo $?
0
# ~

Nothing else.


I was thinking

Code:

mount | grep 'type nfs'


Then you will see some the effective options used.
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 12:33 pm    Post subject: Reply with quote

Code:
~# mount | grep 'nfs'
rpc_pipefs on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
nfsd on /proc/fs/nfsd type nfsd (rw,noexec,nosuid,nodev)
192.168.1.2:/video on /var/vdr/video type nfs4 (rw,nosuid,soft,bg,addr=192.168.1.2,clientaddr=192.168.1.5)
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2012 12:45 pm    Post subject: Reply with quote

I just wanted to see rw there (but then I noticed that you said you did write as root)

do you log on as user vdr when you did the write (or just su to the user?), what does id say?

log in to client as vdr
Code:
id
touch /var/vdr/video/othertest


Unfortunately I have not used idcode default mapping myself so I don't think I can help.
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 12:55 pm    Post subject: Reply with quote

As root:
Code:
~# id
uid=0(root) gid=0(root) Gruppen=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)
~# touch /var/vdr/video/othertest
~# ls -l /var/vdr/video/othertest
-rw-r--r-- 1 root root 0 19. Feb 13:52 /var/vdr/video/othertest

As vdr:
Code:
~# id
uid=102(vdr) gid=410(vdr) Gruppen=410(vdr),18(audio),19(cdrom),27(video)
~# touch /var/vdr/video/othertest
touch: kann „/var/vdr/video/othertest“ nicht berühren: Keine Berechtigung


On Server:
Code:
~# id
uid=0(root) gid=0(root) Gruppen=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)

Code:
~# id
uid=117(vdr) gid=989(vdr) Gruppen=989(vdr),18(audio),19(cdrom),27(video)
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2012 1:05 pm    Post subject: Reply with quote

As I said I'm not familiar with default id mapping, but what happens if you run touch as the user with uid=117 on the client? if it works it's likely a problem with the default mapping. But you might have tried this already.
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 1:17 pm    Post subject: Reply with quote

Is there some kind of trace module to see everything exactly? Possibly. also in a log file?
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 1:20 pm    Post subject: Reply with quote

pgu wrote:
... if you run touch as the user with uid=117 on the client? ...

It works. :?: :?: :?:
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 2:19 pm    Post subject: Reply with quote

But not vor user "vdr". :( :cry:
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2012 2:26 pm    Post subject: Reply with quote

LinuxTom wrote:
Is there some kind of trace module to see everything exactly? Possibly. also in a log file?


Code:
OPTS_RPC_IDMAPD="-vvv"
in
/etc/conf.d/nfs


or run it manually in the forground

Code:
/usr/sbin/rpc.idmapd -fvvv
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2012 2:27 pm    Post subject: Reply with quote

LinuxTom wrote:
pgu wrote:
... if you run touch as the user with uid=117 on the client? ...

It works. :?: :?: :?:


Then you don't seem to have any mapping between them.
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 4:35 pm    Post subject: Reply with quote

Serverlog:
Code:
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfsdcb: authbuf=192.168.1.0/255.255.255.0 authtype=user
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_uid_to_name: calling nsswitch->uid_to_name
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_uid_to_name: nsswitch->uid_to_name returned 0
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_uid_to_name: final return value is 0
Feb 19 17:28:42 lux rpc.idmapd[4927]: Server : (user) id "0" -> name "root@vdr.zoo.tom"
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfsdcb: authbuf=192.168.1.0/255.255.255.0 authtype=group
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_gid_to_name: calling nsswitch->gid_to_name
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_gid_to_name: nsswitch->gid_to_name returned 0
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_gid_to_name: final return value is 0
Feb 19 17:28:42 lux rpc.idmapd[4927]: Server : (group) id "0" -> name "root@vdr.zoo.tom"
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfsdcb: authbuf=192.168.1.0/255.255.255.0 authtype=user
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_uid_to_name: calling nsswitch->uid_to_name
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_uid_to_name: nsswitch->uid_to_name returned 0
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_uid_to_name: final return value is 0
Feb 19 17:28:42 lux rpc.idmapd[4927]: Server : (user) id "117" -> name "vdr@vdr.zoo.tom"
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfsdcb: authbuf=192.168.1.0/255.255.255.0 authtype=group
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_gid_to_name: calling nsswitch->gid_to_name
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_gid_to_name: nsswitch->gid_to_name returned 0
Feb 19 17:28:42 lux rpc.idmapd[4927]: nfs4_gid_to_name: final return value is 0
Feb 19 17:28:42 lux rpc.idmapd[4927]: Server : (group) id "989" -> name "vdr@vdr.zoo.tom"

Server:
Code:
~# grep vdr /etc/passwd /etc/group
/etc/passwd:vdr:x:117:989:added by portage for gentoo-vdr-scripts:/var/vdr:/bin/bash
/etc/group:vdr:x:989:

Clientlog:
Code:
Feb 19 17:28:42 wiesel -bash: HISTORY: PID=4260 UID=0 /etc/init.d/rpc.idmapd restart
Feb 19 17:28:42 wiesel rpc.idmapd[6222]: Stale client: 15
Feb 19 17:28:42 wiesel rpc.idmapd[6222]:        -> closed /var/lib/nfs/rpc_pipefs/nfs/clnt15/idmap
Feb 19 17:28:42 wiesel rpc.idmapd[6222]: Stale client: 13
Feb 19 17:28:42 wiesel rpc.idmapd[6222]:        -> closed /var/lib/nfs/rpc_pipefs/nfs/clnt13/idmap
Feb 19 17:28:42 wiesel rpc.mountd[6258]: Caught signal 15, un-registering and exiting.
Feb 19 17:28:42 wiesel kernel: nfsd: last server has exited, flushing export cache
Feb 19 17:28:42 wiesel rpc.idmapd[6335]: libnfsidmap: using domain: vdr.zoo.tom
Feb 19 17:28:42 wiesel rpc.idmapd[6335]: libnfsidmap: loaded plugin /usr/lib64/libnfsidmap/nsswitch.so for method nsswitch
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Expiration time is 600 seconds.
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Opened /proc/net/rpc/nfs4.nametoid/channel
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Opened /proc/net/rpc/nfs4.idtoname/channel
Feb 19 17:28:42 wiesel sm-notify[6357]: Version 1.2.5 starting
Feb 19 17:28:42 wiesel sm-notify[6357]: Already notifying clients; Exiting!
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: ReOpening /proc/net/rpc/nfs4.nametoid/channel
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: ReOpening /proc/net/rpc/nfs4.idtoname/channel
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: New client: 16
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Opened /var/lib/nfs/rpc_pipefs/nfs/clnt16/idmap
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: New client: 17
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nss_getpwnam: name 'root@vdr.zoo.tom' domain 'vdr.zoo.tom': resulting localname 'root'
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_uid: final return value is 0
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Client 16: (user) name "root@vdr.zoo.tom" -> id "0"
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_gid: calling nsswitch->name_to_gid
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_gid: nsswitch->name_to_gid returned 0
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_gid: final return value is 0
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Client 16: (group) name "root@vdr.zoo.tom" -> id "0"
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nss_getpwnam: name 'vdr@vdr.zoo.tom' domain 'vdr.zoo.tom': resulting localname 'vdr'
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_uid: final return value is 0
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Client 16: (user) name "vdr@vdr.zoo.tom" -> id "102"
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_gid: calling nsswitch->name_to_gid
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_gid: nsswitch->name_to_gid returned 0
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: nfs4_name_to_gid: final return value is 0
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Client 16: (group) name "vdr@vdr.zoo.tom" -> id "410"
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: New client: 18
Feb 19 17:28:42 wiesel rpc.idmapd[6336]: Stale client: 17
Feb 19 17:28:42 wiesel rpc.idmapd[6336]:        -> closed /var/lib/nfs/rpc_pipefs/nfs/clnt17/idmap
Feb 19 17:28:42 wiesel rpc.mountd[6371]: Version 1.2.5 starting
Feb 19 17:28:42 wiesel kernel: NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
Feb 19 17:28:42 wiesel kernel: NFSD: starting 90-second grace period

Client:
Code:
~# grep vdr /etc/passwd /etc/group
/etc/passwd:vdr:x:102:410:added by portage for gentoo-vdr-scripts:/var/vdr:/bin/bash
/etc/group:vdr:x:410:
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 4:41 pm    Post subject: Reply with quote

And (on the client):
Code:
su - avahi
ls -l > video/h.3

Its works, but user avahi have id=117.
So absolutely no ID mapping
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2012 6:34 pm    Post subject: Reply with quote

How to you get the uid and gid, or what is the output of

Code:
egrep ^passwd:\|^group: /etc/nsswitch.conf


on your client?
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Sun Feb 19, 2012 7:50 pm    Post subject: Reply with quote

Code:
passwd:      compat
group:       compat

But for user 117 (avahi) works. It is a false (or nonexistent) mapping.
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2012 11:50 pm    Post subject: Reply with quote

Then it should get the uid/gid from the local /etc/passwd and /etc/group files. Maybe you should add some more vvv's to your rpc.idmapd options? Maybe you get some more clues where the mapping goes wrong.
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Mon Feb 20, 2012 3:50 am    Post subject: Reply with quote

pgu wrote:
Maybe you should add some more vvv's to your rpc.idmapd options?

The result is the same.
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 467
Location: Oslo, Norway

PostPosted: Mon Feb 20, 2012 7:26 am    Post subject: Reply with quote

That means you probably have maximum verbosity then. I was hoping for even some more information. I don't know how a correct trace should look like, but looking at this:

Code:
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: Client 65: (user) name "vdr@vdr.zoo.tom" -> id "102"
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: calling nsswitch->name_to_gid
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: nsswitch->name_to_gid returned 0
Feb 19 13:08:20 wiesel rpc.idmapd[11037]: nfs4_name_to_gid: final return value is 0


It seems like the client picks up the correct id, but what puzzles me is "nsswitch->name_to_gid returned 0". I don't know if that means that its a successful return code or if the returned id of 102 suddenly mapped to 0 after some nsswitch function. Maybe somebody else with access to a trace on a working system would know?
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Tue Feb 21, 2012 8:40 am    Post subject: Reply with quote

pgu wrote:
... maximum verbosity ...

Code:
root       713  0.0  0.0  25316   896 ?        Ss   Feb20   0:00 /usr/sbin/rpc.idmapd -c /etc/idmapd.conf -vvvvvv

I think that is the incoming id from the server to the client is detected and translated by idmap, but then "missing someone" who's that then for NFS running effectively.
Back to top
View user's profile Send private message
Tinitus
Veteran
Veteran


Joined: 20 Sep 2004
Posts: 1628

PostPosted: Mon Feb 25, 2013 7:50 pm    Post subject: Reply with quote

LinuxTom wrote:
pgu wrote:
... maximum verbosity ...

Code:
root       713  0.0  0.0  25316   896 ?        Ss   Feb20   0:00 /usr/sbin/rpc.idmapd -c /etc/idmapd.conf -vvvvvv

I think that is the incoming id from the server to the client is detected and translated by idmap, but then "missing someone" who's that then for NFS running effectively.


Any Solutions yet?
Back to top
View user's profile Send private message
LinuxTom
l33t
l33t


Joined: 26 Mar 2006
Posts: 798

PostPosted: Tue Feb 26, 2013 11:33 am    Post subject: Reply with quote

I gave up and got the User / Group ID's unified on my computers.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum