Your message dated Tue, 21 May 2013 22:17:07 +0000 with message-id <[email protected]> and subject line Bug#675188: fixed in nfs-utils 1:1.2.6-4 has caused the Debian Bug report #675188, regarding Change in rpc.idmapd makes clients unable to resolv users/groups to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 675188: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675188 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: nfs-kernel-server Version: 1:1.2.5-4~bpo60 Severity: important After upgrading an nfs server from 1.2.2 to 1.2.5 (from backports) all the clients lost the ability to show the correct owner/group for files and directories: -rw-rw-r-- 1 nobody nogroup 0 2012-05-29 17:46 foo drwxr-xr-x 2 nobody nogroup 4096 2012-05-29 17:39 bar I tracked the problem to the way rpc.idmapd reports users and groups to the clients. From rpc.idmapd -vvvvv in 1.2.2: rpc.idmapd: nfsdcb: authbuf=gss/krb5p authtype=user rpc.idmapd: nfs4_uid_to_name: calling umich_ldap->uid_to_name rpc.idmapd: ldap_init_and_bind: version mismatch between API information and protocol version. Setting protocol version to 3 rpc.idmapd: nfs4_uid_to_name: umich_ldap->uid_to_name returned 0 rpc.idmapd: nfs4_uid_to_name: final return value is 0 rpc.idmapd: Server: (user) id "2095" -> name "alberto.gonzalez" rpc.idmapd: nfsdcb: authbuf=gss/krb5p authtype=group rpc.idmapd: nfs4_gid_to_name: calling umich_ldap->gid_to_name rpc.idmapd: ldap_init_and_bind: version mismatch between API information and protocol version. Setting protocol version to 3 rpc.idmapd: nfs4_gid_to_name: umich_ldap->gid_to_name returned 0 rpc.idmapd: nfs4_gid_to_name: final return value is 0 rpc.idmapd: Server: (group) id "2095" -> name "alberto.gonzalez" Whereas in 1.2.5: rpc.idmapd: nfsdcb: authbuf=gss/krb5p authtype=user rpc.idmapd: nfs4_uid_to_name: calling nsswitch->uid_to_name rpc.idmapd: nfs4_uid_to_name: nsswitch->uid_to_name returned 0 rpc.idmapd: nfs4_uid_to_name: final return value is 0 rpc.idmapd: Server : (user) id "2095" -> name "alberto.gonzalez@domain" rpc.idmapd: nfsdcb: authbuf=gss/krb5p authtype=user rpc.idmapd: nfs4_uid_to_name: calling nsswitch->uid_to_name rpc.idmapd: nfs4_uid_to_name: nsswitch->uid_to_name returned 0 rpc.idmapd: nfs4_uid_to_name: final return value is 0 rpc.idmapd: Server : (user) id "1000" -> name "agi@domain" rpc.idmapd: nfsdcb: authbuf=gss/krb5p authtype=group rpc.idmapd: nfs4_gid_to_name: calling nsswitch->gid_to_name rpc.idmapd: nfs4_gid_to_name: nsswitch->gid_to_name returned 0 rpc.idmapd: nfs4_gid_to_name: final return value is 0 rpc.idmapd: Server : (group) id "1000" -> name "agi@domain" I've tried commenting out "Domain = domain" and setting it to its real value, (in the server's /etc/idmapd.conf) both test with the same result. I'm not saying that "user@domain" is not the right value for this (it probably is, don't know the RFC). But it's not the way it used to behave. It would be nice to have a way to have rpc.idmapd report users and groups as it used to, in order to avoid modifying /etc/idmapd.conf in hundreds of nfs clients as well as introducing an extra attribute (for NFSv4_name_attr and NFSv4_group_attr) in LDAP (now just using "uid"). I expect this bug to hit nfs (v4) servers upgrading from Squeeze to Wheezy. Thanks, Alberto -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
--- End Message ---
--- Begin Message ---Source: nfs-utils Source-Version: 1:1.2.6-4 We believe that the bug you reported is fixed in the latest version of nfs-utils, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Luk Claes <[email protected]> (supplier of updated nfs-utils package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 11 May 2013 14:37:13 +0200 Source: nfs-utils Binary: nfs-kernel-server nfs-common Architecture: source amd64 Version: 1:1.2.6-4 Distribution: stable Urgency: low Maintainer: Debian kernel team <[email protected]> Changed-By: Luk Claes <[email protected]> Description: nfs-common - NFS support files common to client and server nfs-kernel-server - support for NFS kernel server Closes: 675188 682709 707401 707720 Changes: nfs-utils (1:1.2.6-4) stable; urgency=low . * mountd: auth_unix_ip should downcall on error to prevent hangs (Closes: #682709). * Avoid DNS reverse resolution fixes CVE-2013-1923 (Closes: #707401). * Set default domain (Closes: #675188). * Fix getopt handling for -R option (Closes: #707720). Checksums-Sha1: e12d056ac347f2ca2bdd71af3f537d770b5dbb4d 2244 nfs-utils_1.2.6-4.dsc ecce84b044fca647feb30bec64fdf39427e776ad 39545 nfs-utils_1.2.6-4.debian.tar.bz2 d54414ec2b0696b93d8e53cda1341eb6f0b48f35 156260 nfs-kernel-server_1.2.6-4_amd64.deb 6e22b10977d81da12bf759ea25dc97f3760e0c02 287812 nfs-common_1.2.6-4_amd64.deb Checksums-Sha256: 96e6be52317f30ad86e8dd54eebf4eda403c44e4fba3fbb17ea2aacdddfbfdb3 2244 nfs-utils_1.2.6-4.dsc 3b0ddf1c48d27aaedfd7c15e30301bbbce192024c30978107bfb6ee3ec421611 39545 nfs-utils_1.2.6-4.debian.tar.bz2 5cd88fe13c4e42fefe780b34d4f53f01d32159c6235d17d18e6cac9739638430 156260 nfs-kernel-server_1.2.6-4_amd64.deb 54eb48243394718447bffee1dca72e9240ecd5563af46d73ff926d00b0c8f51e 287812 nfs-common_1.2.6-4_amd64.deb Files: d47f0e26e17d2bd12efe0cf5a6cf9f27 2244 net standard nfs-utils_1.2.6-4.dsc 37dba20026ed7f6778ec1ef85a254b70 39545 net standard nfs-utils_1.2.6-4.debian.tar.bz2 07c75214386fad203bf86c70f4ba64e4 156260 net optional nfs-kernel-server_1.2.6-4_amd64.deb e7167682ea97c27f8dd75bfd9c673816 287812 net standard nfs-common_1.2.6-4_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRjj3+AAoJECEnNxubsjBisf8P/iuoViemcgKVDo6tbyn3CoR+ qmLTVYQ3vASdsmwC+FcijH39vG/U76hSd3GWJ+9vni7stqaCApJSTpZJunKgD0zb hiCTTxw6Q6aCSgsd0ENNd0IGIoRF/ofyXsatN3TjzMjOCkQacBjdPLL4UTOpYG/W cAbCnYQPcJaQNzS9fC1pLbf5WQ8n43aHRFXH91dZzxYYVS74UB4BwEZ17/IHWKS4 WbA0dZ5TPeor5LW1v4nVT3P3DjkjcPRZUcsSSgy26e/9XEWGMmqiQrdkl0QSWhHr kFJKUGUQJ20Lo/YMjNTgIU1XjL2zIYkhjUJloa/xYGaKjeY+EpnULCXgZOwJ9oXy mmw2TsevVZ2F+DLw4OvSVyImyugGKNaCZvcFgiA/SutdgS30hK+bIXaGg2lvcMjB ISSLhPmC0qKLvpLnaEY7580SJ07Ady7dD/1d/D3KsIAqUNBjG4NuHs5mjIfvA2Gg MiVSWUDhntlgVaFyzKUWeESmVshY2QHZhMuaKwfiJPOceH5C8EKFbzBZPehtvDkX lDLSfxvzltqSNRpokeEhPZshLjF06R/9Ll2Le+C28UgN7DTrXbpmRiUylq0f75l+ 7pHi291eV9qJT9lkAbUgcDZkCyUeZa0m7RGk79f/hkHl6fGaOujPDuIz8s9eHs4E Ig73Rbl1PKRaIOT9k4iR =z20X -----END PGP SIGNATURE-----
--- End Message ---
