6

I have a couple of servers on which the UIDs and GIDs are different for the same user names and group names. When I NFS mount a directory ostensibly owned by the same user from one server to another, the user can't access the files because of the UID/GID mismatch.

Is there a way to map UIDs and GIDs?

Thanks.

Nick Pierpoint
  • 639
  • 1
  • 8
  • 14

7 Answers7

5

bindfs 1.10 (a Linux userspace filesystem implemented via FUSE) mounts one directory to another location, optionally transforming UIDs/GIDs (and/or permissions) in the process.

bindfs --map=olduid1/newuid1:@oldgid1/@newgid1:... /olddir /newdir
Richard Hansen
  • 3,640
  • 1
  • 18
  • 17
  • awesome! even though the performance isn't production-ready, it's really useful for development environments. thanks @Richard – niieani May 04 '16 at 21:09
  • This is much easier than setting up Kerberos, idmapd, LDAP or whatever. It just works. Many thanks! – Ian Howson Nov 09 '16 at 05:17
5

You might want to consider using LDAP. Your problem will just go away if you do. Additionally, it takes the pain out of "roaming" users who may have different UID/GID depending on what system they are using.

If LDAP seems intimidating at first, try a web based management tool like Gosa to get started. If you are already familiar with LDAP trees, phpLDAPadmin might offer you more flexibility.

Tim Post
  • 1,515
  • 13
  • 25
3

AS far as I'm aware this isn't possible. You can map root to a different ID, but no one else.

You might find using CIFS slightly easier to make do what you want.

David Pashley
  • 23,151
  • 2
  • 41
  • 71
3

See Wallace's answer if you are looking to have users on the client line up with users on the server.

However, if you are looking for all users on the client to be the same user on the server, you can add (all_squash,anonuid=#,anongid=#) in your /etc/exports file on the server to force all clients to be anonymous and then set the anonymous userid and group id

Mark Porter
  • 991
  • 1
  • 5
  • 12
  • This is the approach I've been using but without much success. I've the following in /etc/exports... "/dir client(rw,all_squash,anonuid=600,anongid=600)". I thought this would mean that whichever user access the site from "client" the files on the server would appear to be owned by whichever user had user and group ID of 600 on the client. I don't see this though. – Nick Pierpoint Oct 15 '09 at 23:07
  • FWIW, in my experiments (Suse 10) anonid forces all permissions checks to be performed as if the user on the client was the anonid. New files are created with the anonid as well. All files are listed with the anonid as the owner which doesn't match any username on the client so they are listed as 1001.Maybe there is a configuration problem? Here is the exports line I used: /tmp/nfs_test xxx.xxx.xxx.xxx(rw,sync,all_squash,anonuid=1001,anongid=100) – Mark Porter Oct 16 '09 at 16:11
2

I previously answered a similar question: Mapping UIDs for NFS.

In short, use LDAP or some other system to synchronize your UIDs.

Community
  • 1
Kamil Kisiel
  • 11,946
  • 7
  • 46
  • 68
  • Agreed. Fix the real problem, don't patch it. I implemented an AD domain and used Likewise Open (which creates UID/GIDs as a hash of the account in AD, so they're consistent across the entire infrastructure). Totally solved all of my problems. – Matt Simmons Oct 17 '09 at 02:03
1

It's possible with at least some implementations via the map_static option on the export. See this writeup.

T.J. Crowder
  • 887
  • 6
  • 22
0

You can use usermod command to change UID/GID of users on both systems. However, you should be careful when changing ids for system users (uid < 500).

muodov
  • 131
  • 1
  • 1
    Are there any other things one should needs to take care of when changing UIDs and GIDs such as all the files and directories owned by that user or group? – Ladadadada Jan 21 '14 at 11:07