7

We are a Linux shop with about 30 Macs to support. We have our Leopard and Snow Leopard systems set up with LDAP authentication and automounted NFSv3 home directories so our staff have the same login and file whether they use OS X or Ubuntu. The only issue we have is that with NFSv3, we can't use Firefox >= 4. That issue still exists in Lion.

Now that OS X supports NFSv4 in Lion, I decided to try that out. It failed rapidly. I am unable to open applications. When I log in with ssh, many commands related to file operations hang.

On Linux NFSv4 clients, you must set up a domain name for mapping usernames between the client and the server in /etc/idmpad.conf. Is there anything like that in Lion? Are there any other configuration setting I need to check?

I have also tried using the latest version of Netatalk, but after a while, Microsoft Word starts saying files are read only.

Updated information

We discovered that using async in NFSv3 solved our problem with Firefox. Unfortunately, async does not solve the problem with NFSv4.

That turned out to be a misunderstanding of the problem. async does not solve the problem for either NFSv3 or NFSv4.

Testing Method

We have a couple of test accounts in our LDAP server with autofs entries pointing to an NFSv4 server on Ubuntu. I test by logging in via the login window or by ssh. In the GUI, I try opening applications and editing text files. Via ssh, I try editing text files with vim.

For the NFS Manager suggestion, I used su to become one of those users and tried editing a file with vim.

Server Settings

This is the /etc/exports from my testing nfsv4 server. The settings are the same as the production NFSv3 servers.

/var/lib/nfs/v4root @utm(ro,fsid=0,root_squash,insecure,no_subtree_check,async) @admin(ro,fsid=0,no_root_squash,insecure,no_subtree_check,async)

/var/lib/nfs/v4root/d2/export/fac @utm(fsid=31,rw,async,root_squash,no_subtree_check,insecure) @admin(fsid=31,rw,async,no_root_squash,no_subtree_check,insecure)
/var/lib/nfs/v4root/d2/export/grad @utm(fsid=32,rw,async,root_squash,no_subtree_check,insecure) @admin(fsid=32,rw,async,no_root_squash,no_subtree_check,insecure)
/var/lib/nfs/v4root/d2/export/staff @utm(fsid=33,rw,async,root_squash,no_subtree_check,insecure) @admin(fsid=33,rw,async,no_root_squash,no_subtree_check,insecure)

/d2/export/fac @utm(fsid=41,rw,async,root_squash,no_subtree_check,insecure) @admin(fsid=41,rw,async,no_root_squash,no_subtree_check,insecure)
/d2/export/grad @utm(fsid=42,rw,async,root_squash,no_subtree_check,insecure) @admin(fsid=42,rw,async,no_root_squash,no_subtree_check,insecure)
/d2/export/staff @utm(fsid=43,rw,async,root_squash,no_subtree_check,insecure) @admin(fsid=43,rw,async,no_root_squash,no_subtree_check,insecure)

Client mount options

The clients use autofs in LDAP to mount the filesystem. The options follow:

intr,tcp,rw,vers=4,timeo=20

I have tried with just vers=4, but I get the same results.

Network

For this test, the client and the server are on different subnets. The traffic goes through 100 Mbps cisco switches with gigabit connections to the cisco route switch. Throughput tests show consistent 91 Mbps transfers with low .3 ms pings. This network has been appropriate for NFSv3 for many years.

Solution

Wait for 10.7.3. I am pleased to report that this was a bug in 10.7.2, and the 10.7.3 prerelease fixes it.

Jeff Strunk
  • 2,107
  • 1
  • 24
  • 29
  • So you can mount via NFv4, but you just have issues with Mac OS X functioning with NFSv4? Because it seems that the question is framed incorrectly. – Rilindo Nov 09 '11 at 15:37
  • That is correct. I stated the question in that way because I think there must be some configuration step I am missing. There must be more to it that using the vers=4 option with mount. – Jeff Strunk Nov 10 '11 at 14:24
  • It seems that the issue is more about optimizing NFS for Mac OS X Client than just mounting. Let me ask you this - when a user logs in and automounts, did the ~/Library directory gets created? That is the folder used by most Mac OS X Apps for most user-level preferences. – Rilindo Nov 10 '11 at 15:01
  • ~/Library and 86 other files and directories get created in a pristine home directory before the mac crashes and says "You need to restart your computer..." – Jeff Strunk Nov 10 '11 at 17:19
  • So a lot of writes then. We probably want the exports file on the server as well as the current mount settings from the client side. Also, are you connecting over wireless or wired network? And what is the throughput speed from your client to the server and back? – Rilindo Nov 10 '11 at 18:31
  • The title change is good except that Lion is the first release with support for NFSv4. – Jeff Strunk Nov 10 '11 at 19:05
  • Now I remember. This is what I have answered before: http://serverfault.com/questions/113299/snow-leopard-hangs-when-using-openldap-on-linux-for-authentication It doesn't look like the right answer, as it was not accepted. :( – Rilindo Nov 12 '11 at 02:24
  • Those were the good old days. My comments there remind me that I haven't tried a non-Linux NFSv4 server yet. Or maybe a newer kernel. – Jeff Strunk Nov 12 '11 at 14:47

2 Answers2

1

You may want to try using NFS Manager to help you configure your NFS mounts. It's a lot easier to use than Apple's Disk Utility.

tegbains
  • 1,956
  • 12
  • 27
  • 1
    I'm quite comfortable reading the mount_nfs man page to find mount options to use on the command line. If there is a specific option or group of options you can tell me to make OS X behave properly as client to a Linux NFSv4 server, then I would happily upvote, accept, and award the bounty to your answer. – Jeff Strunk Nov 03 '11 at 16:59
1

This is a bug. It worked briefly in a prerelease update, but it is broken again. I have submitted a bug report with Apple.

Jeff Strunk
  • 2,107
  • 1
  • 24
  • 29