Andrej Podzimek wrote:
FTR, here comes a quick note on how I eventually got it running.
1) Switched to 'sys' security, so the output from share now looks like
this:
-...@rpool/export /export/home/andrej
sec=sys,r...@2002:****:****:3::/64:10.84.54.0/26 ""
That is an IPv6 followed by an IPv4 subnet?
You need the '@' in front of both, not just the IPv6 subnet.
2) Turned OpenSolaris upside down.
* Renumbered my user to have the same uid. (I needed a second user
account for that, can't do it from 'su'.)
* Renamed and renumbered group staff (10) to match my Linux group
users (100).
* chgrp -R, chown -R -- for all the home directories of people in
staff/users.
3) Mounted under Linux.
mount -t nfs4 -o sys 10.84.54.10:/export/home/andrej /mnt/helium
-o rsize=32768,wsize=32768
Well, this is a quick and dirty solution that works ... somehow. It
would be nice to have a Kerberos setup with proper authentication and
user/group ID mapping (so that no brute force renumbering is needed),
but that's something I don't have time for. At least I could not find
a reasonably simple howto for that.
You don't need Kerberos to do the user/group mapping. You could have
done this
with id domains.
Linux:
Edit //etc/idmapd.conf/ and then:
[t...@adept ~]> sudo chkconfig rpcidmapd reset
[t...@adept ~]>
Solaris:
Edit //etc/default/nfs/ and then:
ultralord # cat /var/run/nfs4_domain
internal.excfb.com
ultralord # svcadm restart svc:/network/nfs/mapid
ultralord # cat /var/run/nfs4_domain
excfb.com
I could not connect over IPv6 from the Linux client. Either there's
something wrong with my setup, or it's just another problem in the
Linux NFSv4 implementation. It says 'address family not supported,
blabla'.
Andrej
_______________________________________________
nfs-discuss mailing list
[email protected]
They are in the process of adding IPv6 support right now.
_______________________________________________
nfs-discuss mailing list
[email protected]
