bri...@aracnet.com wrote: > This is a weird one. That is a little weird that it was a transient glitch of a failure.
> Tried to use ssh and saw a "bad permissions" error on my .ssh/config file. > > I do ls -l and i see uids/gids of 2^32-1 or a similar very large integer. > > WTF ?! Are you using --manage-gids? root@fs:~# grep manage-gids /etc/default/nfs-kernel-server RPCMOUNTDOPTS=--manage-gids $ man rpc.mountd -g or --manage-gids Accept requests from the kernel to map user id numbers into lists of group id numbers for use in access control. An NFS request will normally (except when using Kerberos or other cryptographic authentication) contains a user-id and a list of group-ids. Due to a limitation in the NFS protocol, at most 16 groups ids can be listed. If you use the -g flag, then the list of group ids received from the client will be replaced by a list of group ids determined by an appropriate lookup on the server. Note that the 'primary' group id is not affected so a newgroup command on the client will still be effective. This function requires a Linux Kernel with version at least 2.6.21. That is normal for an NIS/yp environment. But it means that uid lookups are done over the network. A transient network would return -1 error codes for all of the numbers. It will make user ids appear to be -1. > So i go back to the server to make sure the ownership hasn't been > borked some way and everything is fine. > > I go back to my account on the client, do 'ls -l' again, and > everything is as it should be. > > WTF ?! I am thinking it was a transient network failure coupled with the above --manage-gids setting. > 1 my NFS drives are mounted at boot. i've noticed that i get errors > about something not being ready, or auto mounting being a problem, > but up until now i haven't seen any real problems. > > 2 i can't look at those boot messages i see in 1. why is it that a > permanent method, installed by DEFAULT has never been implemented to > look at boot messages ? I don't know either. I always install bootlogd since it was split into a separate package. Bob
signature.asc
Description: Digital signature