Re: [Nfs-ganesha-devel] nss_getpwnam: name 'tom@my.dom@localdomain' does not map into domain 'nix.my.dom'

Wed, 07 Mar 2018 23:45:57 -0800 

>> Tried identical ifmapd.conf files on client and server but rpcidmapd
tries to start the local copy of nfsd on the nfs Ganesha servers but that
competes with

NFS Ganesha doesn't need rpcidmapd daemon running. So refrain from running
the idmapd daemon. Ganesha uses idmapd libraries, so you should be good as
long as you have the libraries installed (part of the nfs-utils package on
RHEL, I think).

Regards, Malahal.

On Tue, Mar 6, 2018 at 9:15 PM, Tom <t...@mdevsys.com> wrote:

> t...@my.dom is an ad user.   Nix.my.dom is a subdomain managed freeipa.
>
> Tried identical ifmapd.conf files on client and server but rpcidmapd tries
> to start the local copy of nfsd on the nfs Ganesha servers but that
> competes with nfs-Ganesha and won’t bind on port 2049.  So I need to change
> the port for the old nfs to 12049 etc to get the old nfs started so
> rpcidmapd can start on the Ganesha nfs servers.  They made it a dependency.
>
> That’s when things get messy.   I may try to uninstall the built in nfs
> packages but not sure if they will also pull out the rpcidmapd ones too.
>
> Cheers,
> Tom
>
> Sent from my iPhone
>
> > On Mar 6, 2018, at 9:00 AM, Daniel Gryniewicz <d...@redhat.com> wrote:
> >
> > Based on the error messages, you client is not sending t...@nix.my.dom
> but is sending t...@my.dom@localdomain.  Something is mis-configured on
> the client.  Have you tried having identical (including case) idmapd.conf
> files on both the client and server?
> >
> > Idmap configuration has historically be very picky and hard to set up,
> and I'm far from an expert on it.
> >
> > Daniel
> >
> >> On 03/06/2018 08:24 AM, TomK wrote:
> >> Hey Guy's,
> >> Getting below message which in turn fails to list proper UID / GID on
> NFSv4 mounts from within an unprivileged account. All files show up with
> owner and group as nobody / nobody when viewed from the client.
> >> Wondering if anyone saw this and what the solution could be here?
> >> If not the right list, let me know please.
> >> [root@client01 etc]# cat /etc/idmapd.conf|grep -v "#"| sed -e "/^$/d"
> >> [General]
> >> Verbosity = 7
> >> Domain = nix.my.dom
> >> [Mapping]
> >> [Translation]
> >> [Static]
> >> [UMICH_SCHEMA]
> >> LDAP_server = ldap-server.local.domain.edu
> >> LDAP_base = dc=local,dc=domain,dc=edu
> >> [root@client01 etc]#
> >> Mount looks like this:
> >> nfs-c01.nix.my.dom:/n/my.dom on /n/my.dom type nfs4
> (rw,relatime,vers=4.0,rsize=8192,wsize=8192,namlen=255,
> hard,proto=tcp,port=0,timeo=10,retrans=2,sec=sys,clientaddr=192.168.0.236,
> local_lock=none,addr=192.168.0.80) /var/log/messages
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: key: 0x3f2c257b type: uid
> value: t...@my.dom@localdomain timeout 600
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nfs4_name_to_uid: calling
> nsswitch->name_to_uid
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nss_getpwnam: name 
> >> 't...@my.dom@localdomain'
> domain 'nix.my.dom': resulting localname '(null)'
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nss_getpwnam: name 
> >> 't...@my.dom@localdomain'
> does not map into domain 'nix.my.dom'
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nfs4_name_to_uid:
> nsswitch->name_to_uid returned -22
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nfs4_name_to_uid: final
> return value is -22
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nfs4_name_to_uid: calling
> nsswitch->name_to_uid
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nss_getpwnam: name
> 'nob...@nix.my.dom' domain 'nix.my.dom': resulting localname 'nobody'
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nfs4_name_to_uid:
> nsswitch->name_to_uid returned 0
> >> Mar  6 00:17:27 client01 nfsidmap[14396]: nfs4_name_to_uid: final
> return value is 0
> >> Mar  6 00:17:27 client01 nfsidmap[14398]: key: 0x324b0048 type: gid
> value: t...@my.dom@localdomain timeout 600
> >> Mar  6 00:17:27 client01 nfsidmap[14398]: nfs4_name_to_gid: calling
> nsswitch->name_to_gid
> >> Mar  6 00:17:27 client01 nfsidmap[14398]: nfs4_name_to_gid:
> nsswitch->name_to_gid returned -22
> >> Mar  6 00:17:27 client01 nfsidmap[14398]: nfs4_name_to_gid: final
> return value is -22
> >> Mar  6 00:17:27 client01 nfsidmap[14398]: nfs4_name_to_gid: calling
> nsswitch->name_to_gid
> >> Mar  6 00:17:27 client01 nfsidmap[14398]: nfs4_name_to_gid:
> nsswitch->name_to_gid returned 0
> >> Mar  6 00:17:27 client01 nfsidmap[14398]: nfs4_name_to_gid: final
> return value is 0
> >> Mar  6 00:17:31 client01 systemd-logind: Removed session 23.
> >> Result of:
> >> systemctl restart rpcidmapd
> >> /var/log/messages
> >> -------------------
> >> Mar  5 23:46:12 client01 systemd: Stopping Automounts filesystems on
> demand...
> >> Mar  5 23:46:13 client01 systemd: Stopped Automounts filesystems on
> demand.
> >> Mar  5 23:48:51 client01 systemd: Stopping NFSv4 ID-name mapping
> service...
> >> Mar  5 23:48:51 client01 systemd: Starting Preprocess NFS
> configuration...
> >> Mar  5 23:48:51 client01 systemd: Started Preprocess NFS configuration.
> >> Mar  5 23:48:51 client01 systemd: Starting NFSv4 ID-name mapping
> service...
> >> Mar  5 23:48:51 client01 rpc.idmapd[14117]: libnfsidmap: using domain:
> nix.my.dom
> >> Mar  5 23:48:51 client01 rpc.idmapd[14117]: libnfsidmap: Realms list:
> 'NIX.MY.DOM'
> >> Mar  5 23:48:51 client01 rpc.idmapd: rpc.idmapd: libnfsidmap: using
> domain: nix.my.dom
> >> Mar  5 23:48:51 client01 rpc.idmapd: rpc.idmapd: libnfsidmap: Realms
> list: 'NIX.MY.DOM'
> >> Mar  5 23:48:51 client01 rpc.idmapd: rpc.idmapd: libnfsidmap: loaded
> plugin /lib64/libnfsidmap/nsswitch.so for method nsswitch
> >> Mar  5 23:48:51 client01 rpc.idmapd[14117]: libnfsidmap: loaded plugin
> /lib64/libnfsidmap/nsswitch.so for method nsswitch
> >> Mar  5 23:48:51 client01 rpc.idmapd[14118]: Expiration time is 600
> seconds.
> >> Mar  5 23:48:51 client01 systemd: Started NFSv4 ID-name mapping service.
> >> Mar  5 23:48:51 client01 rpc.idmapd[14118]: Opened
> /proc/net/rpc/nfs4.nametoid/channel
> >> Mar  5 23:48:51 client01 rpc.idmapd[14118]: Opened
> /proc/net/rpc/nfs4.idtoname/channel
> >
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Nfs-ganesha-devel mailing list
> Nfs-ganesha-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel
>

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Nfs-ganesha-devel mailing list
Nfs-ganesha-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel

Reply via email to