Hi, >>> On 6/21/2006 at 11:34:07 am, Oliver Tennert <[EMAIL PROTECTED]> wrote: > There's one missing, though: I found out that on an NFS4 server, the NFS > server must start BEFORE idmapd does, because the user ID mapping gets wrong > otherwise: on NFS 4 clients, UID/GID is always shown as nobody, even though > access itself is granted to the users. Therefore, the mapping works only in > one direction, namely client -> server. >
Which version of SUSE 10.1 are you using? In the latest version I see that this problem has been already fixed in nfsserver startup script (attached). checkproc /usr/sbin/rpc.idmapd if [ $? -eq 0 ] ; then ## Let idmapd know that nfs server is starting up /etc/init.d/idmapd reload fi If idmapd is already running, it is reloaded (SIGHUP) when nfsserver starts. > So, in my opinion (and the patch is tested, of course), it should be > something > like this: > > --- idmapd.org 2006-06-21 07:59:18.524482758 +0200 > +++ idmapd 2006-06-21 07:59:37.643526272 +0200 > @@ -12,7 +12,7 @@ > # Provides: idmapd > # Required-Start: $network $remote_fs $named portmap > # Required-Stop: $network portmap > -# Should-Start: ypbind krb5kdc > +# Should-Start: ypbind krb5kdc nfsserver > # Should-Stop: > # Default-Start: 3 5 > # Default-Stop: 0 1 2 6 > > --- nfsserver.org 2006-06-21 07:59:57.331481852 +0200 > +++ nfsserver 2006-06-21 08:00:06.750025443 +0200 > @@ -12,7 +12,7 @@ > # Provides: nfsserver > # Required-Start: $network $remote_fs $named portmap > # Required-Stop: $network portmap > -# Should-Start: ypbind svcgssd idmapd > +# Should-Start: ypbind svcgssd > # Should-Stop: > # Default-Start: 3 5 > # Default-Stop: 0 1 2 6 > > After applying the patch, "insserv idmapd" must be run, of course. This patch makes nfsserver to be started whenever idmapd is started, which in this case is during boot. This is not acceptable because even the NFS4 client needs idmapd. The user may want to use the machine as an NFS4 client. The solution already provided in latest versions works better. Regards, Shankar
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
