Hi, On Fri, Oct 03, 2008 at 12:18:47AM +0200, Arthur de Jong wrote: > If using nfs4 (I've been doing some reading up but still no first-hand > experience) is that if the user doesn't exist it is generally mapped to > nobody:nogroup.
right. > The mapping is done by idmapd but at some point in combination with > something in the kernel. From what I understand from scanning the idmapd > code is that there is a default cache expiry time (in the kernel) of 500 > seconds (10 minutes). Current value should be available > in /proc/sys/fs/nfs/idmap_cache_timeout. > > My guess is that name lookups are cached in idmapd. Can you check that > by restarting idmapd (/etc/init.d/nfs-common restart) the problem goes > away? Nope, it does not. > Can you check the idmapd logs anything out of the ordinary? Perhaps you > can increase the verbosity in /etc/idmapd.conf. Hm, no nothing special. Setting the verbosity higher as the default (default: 3, tried up to 10) does not seem to change anything. Basically this is all: Oct 3 09:46:36 teekanne rpc.idmapd[3309]: libnfsidmap: using domain: localdomain Oct 3 09:46:36 teekanne rpc.idmapd[3309]: libnfsidmap: using translation method: nsswitch Oct 3 09:46:36 teekanne rpc.idmapd[3310]: Expiration time is 600 seconds. Oct 3 09:46:36 teekanne rpc.idmapd[3310]: Opened /proc/net/rpc/nfs4.nametoid/channel Oct 3 09:46:36 teekanne rpc.idmapd[3310]: Opened /proc/net/rpc/nfs4.idtoname/channel Oct 3 09:46:36 teekanne rpc.idmapd[3310]: New client: 0 Oct 3 09:46:36 teekanne rpc.idmapd[3310]: Opened /var/lib/nfs/rpc_pipefs/nfs/clnt0/idmap Oct 3 09:46:36 teekanne rpc.idmapd[3310]: New client: 1 Oct 3 09:47:23 teekanne rpc.idmapd[3310]: Client 0: (user) id "30010" -> name "[EMAIL PROTECTED]" Oct 3 09:47:23 teekanne rpc.idmapd[3310]: Client 0: (group) id "65534" -> name "[EMAIL PROTECTED]" > Thanks. Perhaps I should set up a test environment myself with NFS4. Do > you have some pointers for that (I use NFS3 myself). Thats not a great thing. You need to setup an export entry like you do for NFSv4, however there is a fundamentel difference to NFSv3. You export a NFSROOT not single exports. So you possibly want to setup a virtual export directory. Its described here [1]. Best Regards, Patrick [1] http://www.crazysquirrel.com/computing/debian/servers/setting-up-nfs4.jspx -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
