1

I have six machines, one NFS server and five clients. Three clients (running Ubuntu 14.04) work just fine. The other two, running 12.04, are running into permissions errors.

On the mapped client machine, ls -l /home/ returns: 

drwxr-xr-x 22 testuser     testuser     12288 Oct  9 18:03 testuser

This is the expected permissions setup. testuser is the user that needs permission to this folder.

But, when logged into testuser, when I touch /home/testuser/test.txt I get this error: 

touch: cannot touch `/home/testuser/test.txt': Permission denied

Now, the numeric ids do NOT match the id strings, but I'm told that this need not be the case.

Client settings: 

cat /sys/module/nfs/parameters/nfs4_disable_idmapping
N

The setting above allows NFS to map the user permissions using strings, not numeric UIDs and GIDs. 

cat /etc/idmapd.conf
[General]

Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if id differs from FQDN minus hostname
Domain = localdomain

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup

Server settings: 

cat /etc/exports

/raid/nfs/home        server1(rw,sync,no_root_squash,no_subtree_check)
/raid/nfs/home        server2(rw,sync,no_root_squash,no_subtree_check)

Is there a bug or extra step I need to take to make the 12.04 machines work properly? Or should I just bite the bullet and upgrade, or just change all the UIDs to match the server?

Community
  • 1
Ben Gibson
  • 53
  • 5

1 Answers1

1

the problem is that idmapd is involved only when you do GETATTR/SETATTR (stat, chown, setacl) or kerberos is used (for principal to id mapping). But when nfs client sends CREATE request with auth=sys, then uid and gid is taken from RPC message. So you need uid and gid match on the server and client to solve your permission issue.

kofemann
  • 4,308
  • 1
  • 21
  • 27