Hi, > The nodes mount NFS file systems but do not resolve file and directory > ownerships for LDAP users
Could you please run `strace ls file_on_nfs` and `ltrace ls file_on_nfs` (when uid:gid aren't resolved) and share logs? On Fri, Feb 14, 2025 at 8:45 PM Lawrence Kearney via sssd-users <[email protected]> wrote: > > I hope someone can help. I have an odd issue I haven't seen before. I've done > a lot of checking under the hood, but I'm stuck. > > We have hundreds of systems using the v2.9+ of the daemon (AD and LDAP > providers). We're deploying a new HPC cluster using Rocky Linux 9 containers > (all other systems are RHEL 8/9) as stateless compute nodes. These nodes are > ephemeral so we use the LDAP providers. > > The observed issue is the daemons load and run as expected. The nodes mount > NFS file systems but do not resolve file and directory ownerships for LDAP > users until I manually run a "getent" or "id" on any user or group. It > doesn't even have to be a user or group that owns files. So any type of NSS > lookup seems to kick start the process. From there the node is fine. > > libnfs, libnss, sssd-nfs-idmap, libsss_nss_idmap, etc are all the same on > nodes that don't do this. > > DNS works, there's no difference in daemon configurations from working ones. > systemd unit files are identical, etc. I cannot figure out why these nodes > need to be poked by NSS to start using NSS. Very peculiar. > > > Any insight would be appreciated, > > > -- lawrence > > > -- > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue -- _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
