Public bug reported:
In /etc/idmapd.conf, there's a line saying:
Domain = localdomain
This used to be "sort of" working: if server and clients had the same domain,
user ID's would be mapped correctly. However, in Lucid, when you're using
Kerberos, the rpc.svcgssd checks if the domain is a proper one, i.e. if you are
someu...@some.kerberos.domain, then you won't get away with
"domain=localdomain": your user ID will be mapped correctly, but your rights
will be void, as svcgssd reports you're nobody:nogroup.
Now this wouldn't be a problem, if the "Domain" clause would be absolutely
necessary - but it's not! Namely, as idmapd says, the default domain is FQDN
minus hostname, which is a far better default than "localdomain".
So a proper default would be a commented out "Domain" clause in idmapd.conf,
like so:
# set your own domain here, if it differs from FQDN minus hostname
# Domain = localdomain
** Affects: nfs-utils (Ubuntu)
Importance: Undecided
Status: New
--
"Domain = localdomain" clause in idmapd.conf breaks things in Lucid - and is
unnecessary
https://bugs.launchpad.net/bugs/526302
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
