On Thu, 2008-10-02 at 10:28 +0200, Patrick Schoenfeld wrote: > attached is a log, while the problem exists. > > [EMAIL PROTECTED] ~ % ls -l test > -rw-rw-r-- 1 schoenfeld nogroup 0 12. Sep 09:49 test > > Interesting enough: The symptom is similar to the system behaviour, if > nslcd is _not_ running. Then all files resolve to nobody:nogroup.
If using nfs4 (I've been doing some reading up but still no first-hand experience) is that if the user doesn't exist it is generally mapped to nobody:nogroup. The mapping is done by idmapd but at some point in combination with something in the kernel. From what I understand from scanning the idmapd code is that there is a default cache expiry time (in the kernel) of 500 seconds (10 minutes). Current value should be available in /proc/sys/fs/nfs/idmap_cache_timeout. My guess is that name lookups are cached in idmapd. Can you check that by restarting idmapd (/etc/init.d/nfs-common restart) the problem goes away? On my system, idmapd is started way before nslcd and it probably isn't a good idea to start if before idmapd. There seems to be an undocumented Cache-Expiration option in the General section of /etc/idmapd.conf that could help to bring down the cache timeout value. Can you check the idmapd logs anything out of the ordinary? Perhaps you can increase the verbosity in /etc/idmapd.conf. Thanks. Perhaps I should set up a test environment myself with NFS4. Do you have some pointers for that (I use NFS3 myself). -- -- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part