Public bug reported:

I'm running an nfs4 server exporting a directory /home (ext4,usrquota). This 
server is running Ubuntu 12.04 amd64 (up-to-date). This directory is handling 
662 homedirs for ldap authenticated users.
/etc/exports is :
/exports  192.168.0.0/24(rw,fsid=0,no_subtree_check)

Important lines in /etc/idmapd.conf :
domain=my-domain.org

[Translation]
Method=nsswitch.

In /etc/default/nfs-common :
NEED_IDMAPD=yes

In /etc/default/nfs-kernel-server :
RPCNFSDCOUNT=75
RPCMOUNTDOPTS=--manage-gids

2 clients (rhel6 x86 & Ubuntu 12.04.2 i686) are mounting this nfs4 exported 
directory with no problems :
When doing ls -l /home on these clients, I have :
...
drwx------   4 user100 oldusers     4096 sept. 21  2011 user100
drwx------   4 user101 oldusers     4096 sept. 21  2011 user101
drwx------  37 user102 oldusers     4096 oct.   1 19:06 user102
drwx------  36 user103 users        4096 févr. 5 21:08 user103
drwx------  36 user104 users        4096 févr. 8 14:03 user104
drwx------  30 user105 users        4096 févr. 4 18:01 user105
drwx------  28 user106 oldusers     4096 oct.   5  2011 user106
drwx------  37 user107 oldusers     4096 janv.  8 14:52 user107
drwx------  31 user108 users        4096 déc.  4 11:52 user108
drwx------   4 user109 oldusers     4096 sept. 21  2011 user109
drwx--x--x  45 user110 oldusers     4096 janv. 22 15:53 user109
drwx------  31 user111 users        4096 janv. 29 12:03 user110
...
uid/gid mapping works fine, authldap works fine, ...

All Clients running Ubuntu 12.10 i686  or  Ubuntu 12.10 amd64 are experiencing 
the same problem :
The config files are the same as those used in Ubuntu 12.04.
Auth ldap is correctly configured, user can log in.

This is the /etc/fstab entry for /home :
192.168.0.1:/     /home     nfs      rw,nfsvers=4     0  0

Important lines in /etc/idmapd.conf :
domain=my-domain.org
[Translation]
Method=nsswitch

In /etc/default/nfs-common :
NEED_IDMAPD=yes

/etc/nsswitch.conf is :
passwd: files ldap
group: files ldap
shadow: files ldap

When doing ls -l /home there is a strange problem :

drwx------   4 4294967294 oldusers     4096 sept. 21  2011 user100
drwx------   4 user101    oldusers     4096 sept. 21  2011 user101
drwx------  37 user102    oldusers     4096 oct.   1 19:06 user102
drwx------  36 4294967294 users        4096 févr. 5 21:08 user103
drwx------  36 4294967294 users        4096 févr. 8 14:03 user104
drwx------  30 4294967294 users        4096 févr. 4 18:01 user105
drwx------  28 4294967294 oldusers     4096 oct.   5  2011 user106
drwx------  37 4294967294 oldusers     4096 janv.  8 14:52 user107
drwx------  31 4294967294 users        4096 déc.  4 11:52 user108
drwx------   4 user109    oldusers     4096 sept. 21  2011 user109
drwx--x--x  45 4294967294 oldusers     4096 janv. 22 15:53 user110
drwx------  31 4294967294 users        4096 janv. 29 12:03 user111

For 571 of the 662 homedirs (this number varies at each reboot), the owner is 
the value 4294967294. For the 91 remaining homedirs,
the owner is correct. The gidnumber is correctly mapped for all (only 5 
different values used for gidNumber).

In /var/log/syslog, I can see :

For example : user110 is mapped as 4294967294.
but the command "id user110" returns :
uid=31124(user110) gid=666(oldusers) groupes=666(oldusers)

user110 logs in (auth ldap) from tty1. He runs "ls -l /home/user110/" :

drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19  2012 Bureau
drwxr-xr-x 3 4294967294 oldusers 4096 déc.   2  2011 Documents
drwxr-xr-x 2 4294967294 oldusers 4096 déc.   2  2011 Images

Then, he runs "touch /home/user110/test" :

drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19  2012 Bureau
drwxr-xr-x 3 4294967294 oldusers 4096 déc.   2  2011 Documents
drwxr-xr-x 2 4294967294 oldusers 4096 déc.   2  2011 Images
drwxr-xr-x 2 4294967294 oldusers    0 févr. 13 16:01 test

On the nfs server, if I do an ls -l in the same directory :

drwxr-xr-x 8 user110 oldusers 4096 janv.  19  2012 Bureau
drwxr-xr-x 3 user110 oldusers 4096 déc.   2  2011 Documents
drwxr-xr-x 2 user110 oldusers 4096 déc.   2  2011 Images
drwxr-xr-x 2 user110 oldusers    0 févr. 13 16:01 test

I can see that the "test" file is owned by the correct user.

I've tried without & with nscd, same results.
I've tried using sssd, libnss-sss & pam_sss for ldap auth and had exactly 
the same results :

In /var/log/syslog, I have :
...
rpc.idmapd[561]: nss_getpwnam: name 'user...@my-domain.org' domain 
'my-domain.org': resulting localname 'user109'
rpc.idmapd[561]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
rpc.idmapd[561]: nfs4_name_to_uid: final return value is 0
rpc.idmapd[561]: Client 0: (user) name "user...@my-domain.org" -> id "55101"
rpc.idmapd[561]: nfs4_name_to_uid: calling nsswitch->name_to_uid
rpc.idmapd[561]: nss_getpwnam: name 'user...@my-domain.org' domain 
'my-domain.org': resulting localname 'user102'
rpc.idmapd[561]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
rpc.idmapd[561]: nfs4_name_to_uid: final return value is 0
rpc.idmapd[561]: Client 0: (user) name "user...@my-domain.org" -> id "55199"
...
only for the correctly mapped entries. No warnings or errors (rate limit 
disabled in rsyslog.conf) and verbosity set to 5 in idmapd.conf. It seems that 
rpc.idmapd never does mapping for other entries.

** Affects: nfs-utils (Ubuntu)
     Importance: Undecided
         Status: New
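
A triage sketch for the symptom reported above, added here and not part of the original report or of nfs-utils: it cross-checks a client `ls -l` listing against rpc.idmapd's `resulting localname` log lines to separate owners shown as 4294967294 (2^32 - 2) that idmapd never looked up from those it did resolve. The listing and log lines are constructed samples in the shape the report shows, and the script assumes each home directory is named after its owner.

```python
import re

NOBODY_U32 = str(2**32 - 2)  # "4294967294": -2 held in an unsigned 32-bit uid

# Constructed client-side `ls -l /home` sample (same column layout as the report).
CLIENT_LS = """\
drwx------   4 4294967294 oldusers 4096 sept. 21  2011 user100
drwx------   4 user101    oldusers 4096 sept. 21  2011 user101
drwx------  37 user102    oldusers 4096 oct.   1 19:06 user102
drwx------  36 4294967294 users    4096 févr.  5 21:08 user103
drwx--x--x  45 4294967294 oldusers 4096 janv. 22 15:53 user110
"""

# Constructed rpc.idmapd syslog sample; user103 is looked up yet still shown unmapped.
IDMAPD_LOG = """\
rpc.idmapd[561]: nss_getpwnam: name 'user101@my-domain.org' domain 'my-domain.org': resulting localname 'user101'
rpc.idmapd[561]: nfs4_name_to_uid: final return value is 0
rpc.idmapd[561]: nss_getpwnam: name 'user102@my-domain.org' domain 'my-domain.org': resulting localname 'user102'
rpc.idmapd[561]: nss_getpwnam: name 'user103@my-domain.org' domain 'my-domain.org': resulting localname 'user103'
"""

LOCALNAME_RE = re.compile(r"rpc\.idmapd\[\d+\]: nss_getpwnam: .*resulting localname '([^']+)'")

def parse_listing(text):
    """Map each entry name to the owner column of an `ls -l` listing."""
    owners = {}
    for line in text.splitlines():
        # perms, links, owner, group, size, month, day, time-or-year, name
        fields = line.split(None, 8)
        if len(fields) == 9 and fields[0][0] in "d-l":
            owners[fields[8]] = fields[2]
    return owners

def triage(listing, log):
    """Classify entries by displayed owner and by whether idmapd logged a lookup."""
    owners = parse_listing(listing)
    looked_up = set(LOCALNAME_RE.findall(log))
    unmapped = sorted(n for n, o in owners.items() if o == NOBODY_U32)
    return {
        "mapped": sorted(n for n, o in owners.items() if o != NOBODY_U32),
        "unmapped": unmapped,
        "never_looked_up": [n for n in unmapped if n not in looked_up],
        "looked_up_but_unmapped": [n for n in unmapped if n in looked_up],
    }

if __name__ == "__main__":
    for key, names in triage(CLIENT_LS, IDMAPD_LOG).items():
        print(f"{key}: {', '.join(names) or '-'}")
```

Names under `never_looked_up` match the report's observation that rpc.idmapd logs nothing for the affected owners; names under `looked_up_but_unmapped` would instead point at a stale or failed lookup result.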

** Description changed:

  I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This 
server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 
662 homedirs for ldap authenticated users.
  /etc/exports is :
  /exports  192.168.0.0/24(rw,fsid=0,no_subtree_check)
  
  Important lines in /etc/idmapd.conf :
  domain=my-domain.org
  
  [Translation]
  Method=nsswitch.
  
  In /etc/default/nfs-common :
  NEED_IDMAPD=yes
  
  In /etc/default/nfs-kernel-server :
  RPCNFSDCOUNT=75
  RPCMOUNTDOPTS=--manage-gids
  
  2 Clients (rhel6 x86 & Ubuntu 12.04.2 i686) are mounting this nfs4 exported 
directory with no problems :
  When doing ls -l /home on this clients, I have :
  ...
  drwx------   4 user100 oldusers     4096 sept. 21  2011 user100
  drwx------   4 user101 oldusers     4096 sept. 21  2011 user101
  drwx------  37 user102 oldusers     4096 oct.   1 19:06 user102
  drwx------  36 user103 users        4096 févr. 5 21:08 user103
  drwx------  36 user104 users        4096 févr. 8 14:03 user104
  drwx------  30 user105 users        4096 févr. 4 18:01 user105
  drwx------  28 user106 oldusers     4096 oct.   5  2011 user106
  drwx------  37 user107 oldusers     4096 janv.  8 14:52 user107
  drwx------  31 user108 users        4096 déc.  4 11:52 user108
  drwx------   4 user109 oldusers     4096 sept. 21  2011 user109
  drwx--x--x  45 user110 oldusers     4096 janv. 22 15:53 user109
  drwx------  31 user111 users        4096 janv. 29 12:03 user110
  ...
  uid/gid mapping works fine, authldap works fine, ...
- 
  
  All Clients running Ubuntu 12.10 i686  or  Ubuntu 12.10 amd64 are 
experiencing the same problem :
  The config files are the same that used in ubuntu 12.04.
  Auth ldap is correctly configured, user can log in.
  
  This is the /etc/fstab entry for /home :
  192.168.0.1:/     /home     nfs      rw,nfsvers=4     0  0
  
  Important lines in /etc/idmapd.conf :
  domain=my-domain.org
  [Translation]
  Method=nsswitch
  
  In /etc/default/nfs-common :
  NEED_IDMAPD=yes
  
  /etc/nsswitch.conf is :
  passwd: files ldap
  group: files ldap
  shadow: files ldap
  
  When doing ls -l /home there is a strange problem :
  
  drwx------   4 4294967294 oldusers     4096 sept. 21  2011 user100
  drwx------   4 user101    oldusers     4096 sept. 21  2011 user101
  drwx------  37 user102    oldusers     4096 oct.   1 19:06 user102
  drwx------  36 4294967294 users        4096 févr. 5 21:08 user103
  drwx------  36 4294967294 users        4096 févr. 8 14:03 user104
  drwx------  30 4294967294 users        4096 févr. 4 18:01 user105
  drwx------  28 4294967294 oldusers     4096 oct.   5  2011 user106
  drwx------  37 4294967294 oldusers     4096 janv.  8 14:52 user107
  drwx------  31 4294967294 users        4096 déc.  4 11:52 user108
  drwx------   4 user109    oldusers     4096 sept. 21  2011 user109
  drwx--x--x  45 4294967294 oldusers     4096 janv. 22 15:53 user110
  drwx------  31 4294967294 users        4096 janv. 29 12:03 user111
  
  for  571 homedirs (this number varies at each reboot)/662, the owner is the 
value 4294967294. For the  91 remaining homedirs,
  the owner is correct. The gidnumber is correctly mapped for all (only  5 
differents values used for gidNumber).
  
  In /var/log/syslog, I can see :
  
  For example : user110 is mapped as 4294967294.
  but the command "id user110" returns :
  uid=31124(user110) gid=666(oldusers) groupes=666(oldusers)
  
  user110 logs in (auth ldap) from tty1. He runs "ls -l /home/user110/" :
  
  drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19  2012 Bureau
  drwxr-xr-x 3 4294967294 oldusers 4096 déc.   2  2011 Documents
  drwxr-xr-x 2 4294967294 oldusers 4096 déc.   2  2011 Images
  
  Then, he runs "touch /home/user110/test" :
  
  drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19  2012 Bureau
  drwxr-xr-x 3 4294967294 oldusers 4096 déc.   2  2011 Documents
  drwxr-xr-x 2 4294967294 oldusers 4096 déc.   2  2011 Images
  drwxr-xr-x 2 4294967294 oldusers    0 févr. 13 16:01 test
  
  On the nfs server, If i do a ls -l in the same directory  :
  
  drwxr-xr-x 8 user110 oldusers 4096 janv.  19  2012 Bureau
  drwxr-xr-x 3 user110 oldusers 4096 déc.   2  2011 Documents
  drwxr-xr-x 2 user110 oldusers 4096 déc.   2  2011 Images
  drwxr-xr-x 2 user110 oldusers    0 févr. 13 16:01 test
  
  I can see that the "test" file is owned by the correct user.
  
  I've tried without & with nscd, same results.
- I've tried using sssd & pam_sss for ldap auth and having exactly the same 
results :
+ I've tried using sssd, libnss-sss & pam_sss for ldap auth and having exactly 
the same results :
  
  In /var/log/syslog, I have :
  ...
  rpc.idmapd[561]: nss_getpwnam: name 'user...@my-domain.org' domain 
'my-domain.org': resulting localname 'user109'
  rpc.idmapd[561]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
  rpc.idmapd[561]: nfs4_name_to_uid: final return value is 0
  rpc.idmapd[561]: Client 0: (user) name "user...@my-domain.org" -> id "55101"
  rpc.idmapd[561]: nfs4_name_to_uid: calling nsswitch->name_to_uid
  rpc.idmapd[561]: nss_getpwnam: name 'user...@my-domain.org' domain 
'my-domain.org': resulting localname 'user102'
  rpc.idmapd[561]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
  rpc.idmapd[561]: nfs4_name_to_uid: final return value is 0
  rpc.idmapd[561]: Client 0: (user) name "user...@my-domain.org" -> id "55199"
  ...
  only for the correctly mapped entries. No warnings or errors (rate limit 
disabled in rsyslog.conf) and verbosity set to 5 in idmapd.conf. It seems that 
rpc.idmapd never does mapping for other entries.

https://bugs.launchpad.net/bugs/1124250

Title:
  Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
