Hi,
I have realized that some of the patches to the idmapd and nfsserver/nfs
startup scripts I contemplated (but unfortunately did not submit, mea culpa!)
were nevertheless integrated into 10.1.
There's one missing, though: I found out that on an NFS4 server, the NFS
server must start BEFORE idmapd does, because the user ID mapping gets wrong
otherwise: on NFS 4 clients, UID/GID is always shown as nobody, even though
access itself is granted to the users. Therefore, the mapping works only in
one direction, namely client -> server.
So, in my opinion (and the patch is tested, of course), it should be something
like this:
--- idmapd.org 2006-06-21 07:59:18.524482758 +0200
+++ idmapd 2006-06-21 07:59:37.643526272 +0200
@@ -12,7 +12,7 @@
# Provides: idmapd
# Required-Start: $network $remote_fs $named portmap
# Required-Stop: $network portmap
-# Should-Start: ypbind krb5kdc
+# Should-Start: ypbind krb5kdc nfsserver
# Should-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
--- nfsserver.org 2006-06-21 07:59:57.331481852 +0200
+++ nfsserver 2006-06-21 08:00:06.750025443 +0200
@@ -12,7 +12,7 @@
# Provides: nfsserver
# Required-Start: $network $remote_fs $named portmap
# Required-Stop: $network portmap
-# Should-Start: ypbind svcgssd idmapd
+# Should-Start: ypbind svcgssd
# Should-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
After applying the patch, "insserv idmapd" must be run, of course.
Best regards
Oliver
--
The world is coming to an end! Repent and return those library books!
--
__
________________________________________creating IT solutions
Dr. Oliver Tennert
Senior Solutions Engineer
CAx Professional Services
science + computing ag
phone +49(0)7071 9457-598 Hagellocher Weg 71-75
fax +49(0)7071 9457-411 D-72070 Tuebingen, Germany
[EMAIL PROTECTED] www.science-computing.de
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
