[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Changed in: nfs-utils (Debian) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Won't Fix Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 & Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command "id user110" returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs "ls -l /home/user110/" : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Launchpad has imported 42 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=876705. If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. On 2012-11-14T18:52:45+00:00 Maurizio wrote: Description of problem: When listing an nfs4 mounted directory an incorrect ownership of -2 is shown for some users. Version-Release number of selected component (if applicable): nfs client (Fedora 17): nfs-utils-1.2.6-5.fc17.i686 kernel-PAE-3.6.5-1.fc17.i686 nfs server (Fedora 16): nfs-utils-1.2.5-5.fc16.i686 kernel-PAE-3.3.5-2.fc16.i686 How reproducible: by listing an NFS4 mounted directory with files owned by many users. Steps to Reproduce: 1. Mount via NFS4 an export containing files owned by more than 200 different users (e.g. /var/spool/mail/) 2. Do "ls -l " Actual results: for some users the ownership is incorrectly given as 4294967294 Expected results: the owner of all files should be mapped correctly Additional info: in /proc/keys there is a listing of all cached uid mappings, the user that are not listed correctly are not present in the list. Strangely, all keys are shown as "permanent" instead of having an expiration time of 600 seconds. Also they are contributing (flag Q) to the quota. in /proc/key-users you can find the current maximum allowed number of keys for the root user (200). Bug https://bugzilla.redhat.com/show_bug.cgi?id=847084 probably has the same origin; however that bug has been closed as NOTABUG. Reply at: https://bugs.launchpad.net/fedora/+bug/1124250/comments/0 On 2012-11-15T08:56:06+00:00 Steve wrote: *** Bug 847084 has been marked as a duplicate of this bug. *** Reply at: https://bugs.launchpad.net/fedora/+bug/1124250/comments/1 On 2012-11-15T09:01:16+00:00 Steve wrote: David, Would it make sense to patch the kernel so the maxkeys/root_maxkeys are set to a more reasonable value? Reply at: https://bugs.launchpad.net/fedora/+bug/1124250/comments/2 On 2012-11-15T09:15:05+00:00 Luca wrote: I have given a look at the relevant sources for the fedora kernel (upstream it is just the same). It appears that nfsid keys should be created within the keyring keyring = key_alloc(_type_keyring, ".id_resolver", 0, 0, cred, (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW | KEY_USR_READ, KEY_ALLOC_NOT_IN_QUOTA); in idmap.c However they do still count toward the quota of root (whence the problem). This is quite surprising and, unless I am misrepresenting the situation, it could be a bug somewhere else. Reply at: https://bugs.launchpad.net/fedora/+bug/1124250/comments/3 On 2013-02-03T22:09:14+00:00 Maurizio wrote: The issue is still there on a fresh installation of a Fedora 18. Now this is quite unfortunate: like this NFS4 is unreliable and quite unusable especially on systems like mail servers that typically handle files with many differing ownerships in a common directory. Is this going to be fixed? Reply at: https://bugs.launchpad.net/fedora/+bug/1124250/comments/4 On 2013-03-13T05:35:34+00:00 Maurizio wrote: The problem is still present after a fresh update of the client: nfs client (Fedora 18): nfs-utils-1.2.7-3.fc18.i686 kernel-PAE-3.8.2-206.fc18.i686 nfs server (Fedora 16): nfs-utils-1.2.5-5.fc16.i686 kernel-PAE-3.3.5-2.fc16.i686 The description of the problem above still applies. Moreover nothing is written in /var/log/messages Reply at: https://bugs.launchpad.net/fedora/+bug/1124250/comments/7 On 2013-04-10T08:27:53+00:00 David wrote: I don't see the issue between 2 Fedora 18 machines. Unfortunately, our Fedora and Ubuntu clients do run into this problem all the time with the home and mail directories, which are on RHEL 6 servers. Could it be that the bug was fixed in recent Fedora kernels, but that RHEL 6 is still waiting for a fix? Reply at: https://bugs.launchpad.net/fedora/+bug/1124250/comments/8 On 2013-04-10T09:21:00+00:00 Anders wrote: This is what I use on our Fedora machines (1000 is enough for us ATM): /etc/sysctl.d/nfsv4_idmap_maxkeys: # NFSv4 idmap entries are counted against a very low quota # https://bugzilla.redhat.com/show_bug.cgi?id=876705 kernel.keys.root_maxkeys = 1000
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Hi, I'm still seeing this error. root@XX:~# uname -r 3.13.0-77-generic root@XX~# root@~# cat /etc/issue Ubuntu 14.04.4 LTS \n \l root@:~# -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Confirmed Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 & Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command "id user110" returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs "ls -l /home/user110/"
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Hi, Am I still hitting this bug ? root@XX:~# uname -r 3.13.0-77-generic root@XX~# root@~# cat /etc/issue Ubuntu 14.04.4 LTS \n \l root@:~# root@prod-login-west01:~# ls -l /u4/ | head total 9356 drwx--x--x 6 nobody staff4096 Jun 24 2013 aabdul drwx--x--x 75 nobody staff 24576 Feb 12 2015 aadhikar drwxr-xr-x 3 4294967294 daemon 4096 Nov 6 2013 aaggarwa drwx--x--x 27 nobody staff 20480 Jul 22 2012 aalness drwx--x--x 3 4294967294 staff4096 Aug 1 2012 aamehta drwx--x--x 4 nobody staff4096 Dec 10 2012 aamsalem drwx--x--x 4 4294967294 staff4096 Jan 23 2015 aamte drwxr-xr-x 3 4294967294 staff4096 Jul 15 2014 aanand drwx--x--x 2 4294967294 staff4096 Mar 26 2013 aassfalg root@prod-login-west01:~# -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Confirmed Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 & Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Changed in: nfs-utils (Debian) Status: Fix Released => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Confirmed Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 & Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command "id user110" returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs "ls -l /home/user110/" : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
I did one more test on Trusty today, running 3.13.0-57-generic kernel. Installing keyutils (no other hacks needed), makes the keys turn permanent (which serves as a workaround but leads to problems because of the cache getting full). Without keyutils, the keys do NOT get renewed as they should. So, this is the current state: Precise running 3.2 kernel: not affected Precise running 3.13 lts kernel: keys do not get renewed, no way to make them permanent without ugly hacks. Trusty running 3.13 kernel: keys do not get renewed, they can be made permanent by running keyutils. In the Precise + lts kernel case, it's possible to hack around the userland tools to make the keys become permanent (keyutils + libkeyutils1 + libnfsidmap2 from trusty + /usr/sbin/nfsidmap + /etc /request-key.d/id_resolver.conf from nfs-common in trusty). I was not able to find a way to make the keys renew automatically which would be the right behavior. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
To clarify the above comment: Precise running 3.2 kernel: not affected Precise running 3.13 lts kernel: affected Trusty running 3.13 kernel: not affected In the Precise + lts kernel case, it's possible to hack around the userland tools to make the keys become permanent (keyutils + libkeyutils1 + libnfsidmap2 from trusty + /usr/sbin/nfsidmap + /etc /request-key.d/id_resolver.conf from nfs-common in trusty). I was not able to find a way to make the keys renew automatically which would be the right behavior. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs,
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
This bug affects Precise, but it's not marked so. Back in June, I had mentioned that it was possible to make the keys permanent by using the trusty versions of keyutils + libkeyutils1 + libnfsidmap2. This is now not possible anymore with the latest kernel versions available on Precise. I understand that making the keys permanent is not actually a solution, but right now, on Precise with the trusty-lts kernel the keys keep getting expired and not renewed. This is wrong and needs to be fixed. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Amending #71: still seeing this problem. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
I'm running into this problem (keys don't get automatically renewed and are expired after 10 minutes) on a precise server running the trusty lts kernel. I've just rebooted into the latest version (3.13.0.53.46), and the problem is still present. #33 mentions that installing keyutils fixes this. It fixes it by making the keys permanent (and thus increasing the likelihood of running out of space in the cache), and only with the trusty version of keyutils. With the precise version of keyutils, keys still expire and do not get renewed. Still, for people affected by the lack of renewal issue, you can install the trusty version of keyutils + libkeyutils1 + libnfsidmap2 (the trusty packages install cleanly on precise), and your keys will become permanent (beware of cache filling though). -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept.
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Still see this with 3.13.0-53-generic Installing larger values as suggested above wasn't initially very successful. As suggested a nfsidmap -c and that seemed to have worked for now. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Hi, the prolem is still present with dpkg -s linux-image-3.16.0-38-generic Package: linux-image-3.16.0-38-generic Status: install ok installed Priority: optional Section: kernel Installed-Size: 43744 Maintainer: Ubuntu Kernel Team kernel-t...@lists.ubuntu.com Architecture: amd64 Source: linux-lts-utopic Version: 3.16.0-38.52~14.04.1 I would be happy contributing to fix the problem. Not using nfsv4 is not a nice option. Thanks -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Hi Dariusz, the problem is still present with Linux version 3.13.0-52-generic. dpkg -s linux-image-3.13.0-52-generic Package: linux-image-3.13.0-52-generic Status: install ok installed Priority: optional Section: kernel Installed-Size: 41219 Maintainer: Ubuntu Kernel Team kernel-t...@lists.ubuntu.com Architecture: amd64 Source: linux Version: 3.13.0-52.86 I guess all my other settings are fine. Thanks Mario -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
If I understood correctly, historically there have been two independently developed alternative user-space mechanisms that can perform uid - user name lookups for the Linux NFSv4 implementation in the kernel, one from the University of Michigan and one from NetApp: A) /usr/sbin/rpc.idmapd runs as a daemon and listens to some pipe in /run/rpc_pipefs, and kernel sends requests via that pipe B) kernel executes for each request the command /sbin/request-key, which according to /etc/request-key.* calls nfsidmap, which then answers to the kernel via the add_key() and keyctl() system calls Which of these is meant to be used on Ubuntu 145.04 LTS, and how to I specify and verify that choice? I'm asking, because I get syslog messages from rpc.idmapd such as May 7 13:51:11 dirac nfsidmap[10738]: nss_getpwnam: name 'nobody' does not map into domain 'cl.cam.ac.uk' and at the same time I also find nfsidmap-related keys in $ sudo cat /proc/keys [...] 2c6194e5 I--Q-N- 1 26s 3b01 0 0 id_resolv uid:r...@domain.uk 2d5a0c25 I--Q-N- 1 28s 3b01 0 0 id_resolv uid:mg...@domain.uk 2e025d97 I--Q--- 1 9m 3b01 0 0 id_legacy uid:mg...@domain.uk: 5 2e463b17 I--Q--- 1 9m 3b01 0 0 id_legacy uid:na...@domain.uk: 5 331c87da I--Q-N- 1 28s 3b01 0 0 id_resolv gid:nc...@domain.uk 33955fd4 I--Q--- 1 9m 3b01 0 0 id_legacy gid:wednes...@domain.uk: 4 36702b00 I--Q-N- 1 28s 3b01 0 0 id_resolv gid:wednes...@domain.uk 376c94e9 I--Q-N- 1 28s 3b01 0 0 id_resolv uid:w...@domain.uk 37ef3e9a I--Q--- 1 9m 3b01 0 0 id_legacy gid:wwwupd...@domain.uk: 4 3c332878 I--Q--- 1 9m 3b01 0 0 id_legacy gid:nobody: 6 3e585863 I-- 1 perm 1f03 0 0 keyring .id_resolver: 36 3fbf548d I-- 1 perm 1f0b 0 0 keyring .system_keyring: 1 Are both these idmap systems really supposed to be active at the same time? What is the difference between the id_resolv and id_legacy key types? What does it mean to have negative id_resolv and non-negative id_legacy keys at the same time, as above? Where is all this NFSv4 uid/gid translation mechanics documented? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
I can confirm that the problem persists (and possibly even has become more common) here with the recent kernel update: $ ls -ld /some-nfsv4-mounted-directory ; cat /proc/key-users ; uname -a drwxrwsr-x 2 4294967294 4294967294 4096 Dec 20 2007 . /proc/key-users: 0:60 59/59 53/2000 1226/40 Linux dirac.cl.cam.ac.uk 3.13.0-52-generic #85-Ubuntu SMP Wed Apr 29 16:44:17 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux $ dpkg-query -s keyutils dpkg-query: package 'keyutils' is not installed and no information is available $ grep -H '' /proc/sys/kernel/keys/* /proc/sys/kernel/keys/gc_delay:300 /proc/sys/kernel/keys/maxbytes:2 /proc/sys/kernel/keys/maxkeys:2000 /proc/sys/kernel/keys/persistent_keyring_expiry:259200 /proc/sys/kernel/keys/root_maxbytes:40 /proc/sys/kernel/keys/root_maxkeys:2000 Documentation of /proc/sys/kernel/keys/* etc.: https://www.kernel.org/doc/Documentation/security/keys.txt -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Dariusz: Today the problem has occurred again: sudo cat /proc/key-users 0:65 64/64 58/200 810/2 and the /var/mail folder was hit in this case. After a while (about 1 hour) the problem diminishes with the following key-users result: 0:21 20/20 14/200 194/2 As I don´t understand the meaning of this values, I don´t know what values I should use. We have a ldap/krb5 setup with 30 users and 15 groups. The kernel was Linux version 3.13.0-51-generic (buildd@tipua) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #84~precise1-Ubuntu SMP Wed Apr 15 21:45:46 UTC 2015 Thanks Stef -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Stef, thanks for the update. Can you please confirm that you have upgraded your kernel to version 3.13.0-51.84 or later? This is the first release that has this fix. The version you mentioned earlier (3.13.0.51.44) is expected to be still affected by this bug. Thank you. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Hi Dariusz, I think Linux version 3.13.0-51-generic (buildd@tipua) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #84~precise1-Ubuntu SMP Wed Apr 15 21:45:46 is the latest kernel. dpkg -s linux-image-3.13.0-51-generic Package: linux-image-3.13.0-51-generic Status: install ok installed Priority: optional Section: kernel Installed-Size: 192808 Maintainer: Ubuntu Kernel Team kernel-t...@lists.ubuntu.com Architecture: amd64 Source: linux-lts-trusty Version: 3.13.0-51.84~precise1 Thanks Stef -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Thank you Stef. I have verified the fix on trusty with trusty kernel. I will try to set up a precise environment with trusty kernel and reproduce this issue. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Tags removed: verification-needed-trusty verification-needed-utopic ** Tags added: verification-done-trusty verification-done-utopic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ :
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
This bug was fixed in the package linux - 3.16.0-36.48 --- linux (3.16.0-36.48) utopic; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1443946 * Merged back Ubuntu-3.16.0-34.47 security release linux (3.16.0-35.46) utopic; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1442324 [ Andy Whitcroft ] * [Config] CONFIG_DEFAULT_MMAP_MIN_ADDR needs to match on armhf and arm64 - LP: #1418140 [ Chris J Arges ] * [Config] CONFIG_PCIEASPM_DEBUG=y - LP: #1398544 [ dann frazier ] * [Config] CONFIG_RTC_DRV_EFI=y on arm64 - LP: #1441291 [ Upstream Kernel Changes ] * Revert USB: serial: make bulk_out_size a lower limit - LP: #1441317 * Revert i2c: core: Dispose OF IRQ mapping at client removal time - LP: #1441317 * Revert net: cx82310_eth: use common match macro - LP: #1441317 * KEYS: request_key() should reget expired keys rather than give EKEYEXPIRED - LP: #1124250 * drm/i915/bdw: 3D_CHICKEN3 has write mask bits - LP: #1374389 * drm/i915: call lpt_init_clock_gating on BDW too - LP: #1374389 * drm/i915/bdw: Apply workarounds in render ring init function - LP: #1374389 * drm/i915/bdw: Cleanup pre prod workarounds - LP: #1374389 * drm/i915: Refactor Broadwell PIPE_CONTROL emission into a helper. - LP: #1374389 * drm/i915: Add the WaCsStallBeforeStateCacheInvalidate:bdw workaround. - LP: #1374389 * drm/i915/bdw: Remove BDW preproduction W/As until C stepping. - LP: #1374389 * drm/i915: Rework GPU reset sequence to match driver load thaw - LP: #1384469 * drm/ast: switch to using CACHED by default for sysram - LP: #1420627 * drm/ast: Add missing entry to dclk_table[] - LP: #1420627 * drm/ast: Add reduced blanking modes for wide screen mode - LP: #1420627 * drm/ast: Try to use MMIO registers when PIO isn't supported - LP: #1420627 * drm/ast: POST chip at probe time if VGA not enabled - LP: #1420627 * drm/ast: Properly initialize P2A base before using it in ast_init_3rdtx() - LP: #1420627 * drm/ast: Don't assume DVO enabled means SIL164 on uninitialized chips - LP: #1420627 * drm/ast: Cleanup analog init code path - LP: #1420627 * audit: correctly record file names with different path name types - LP: #1439441 * of: Create of_console_check() for selecting a console specified in /chosen - LP: #1438585 * of: Enable console on serial ports specified by /chosen/stdout-path - LP: #1438585 * of: correct of_console_check()'s return value - LP: #1438585 * of: Add bindings for chosen node, stdout-path - LP: #1438585 * of: add optional options parameter to of_find_node_by_path() - LP: #1438585 * of: support passing console options with stdout-path - LP: #1438585 * netfilter: nf_tables: disable preemption when restoring chain counters - LP: #1441317 * netfilter: nf_tables: fix leaks in error path of nf_tables_newchain() - LP: #1441317 * ipvs: rerouting to local clients is not needed anymore - LP: #1441317 * netfilter: nft_compat: fix module refcount underflow - LP: #1441317 * netfilter: xt_socket: fix a stack corruption bug - LP: #1441317 * ipvs: add missing ip_vs_pe_put in sync code - LP: #1441317 * flowcache: Fix kernel panic in flow_cache_flush_task - LP: #1441317 * pktgen: fix UDP checksum computation - LP: #1441317 * rtnetlink: ifla_vf_policy: fix misuses of NLA_BINARY - LP: #1441317 * tcp: make sure skb is not shared before using skb_get() - LP: #1441317 * ipv6: fix ipv6_cow_metrics for non DST_HOST case - LP: #1441317 * rtnetlink: call -dellink on failure when -newlink exists - LP: #1441317 * gen_stats.c: Duplicate xstats buffer for later use - LP: #1441317 * ipv4: ip_check_defrag should correctly check return value of skb_copy_bits - LP: #1441317 * ipv4: ip_check_defrag should not assume that skb_network_offset is zero - LP: #1441317 * net: phy: Fix verification of EEE support in phy_init_eee - LP: #1441317 * ematch: Fix auto-loading of ematch modules. - LP: #1441317 * openvswitch: Fix net exit. - LP: #1441317 * net: reject creation of netdev names with colons - LP: #1441317 * team: fix possible null pointer dereference in team_handle_frame - LP: #1441317 * net: compat: Ignore MSG_CMSG_COMPAT in compat_sys_{send, recv}msg - LP: #1441317 * macvtap: make sure neighbour code can push ethernet header - LP: #1441317 * usb: plusb: Add support for National Instruments host-to-host cable - LP: #1441317 * udp: only allow UFO for packets from SOCK_DGRAM sockets - LP: #1441317 * net: ping: Return EAFNOSUPPORT when appropriate. - LP: #1441317 * team: don't traverse port list using rcu in team_set_mac_address - LP: #1441317 * ALSA: hda - Add pin configs for ASUS mobo with IDT 92HD73XX codec - LP: #1441317 * xfs: Fix
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
This bug was fixed in the package linux - 3.16.0-36.48 --- linux (3.16.0-36.48) utopic; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1443946 * Merged back Ubuntu-3.16.0-34.47 security release linux (3.16.0-35.46) utopic; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1442324 [ Andy Whitcroft ] * [Config] CONFIG_DEFAULT_MMAP_MIN_ADDR needs to match on armhf and arm64 - LP: #1418140 [ Chris J Arges ] * [Config] CONFIG_PCIEASPM_DEBUG=y - LP: #1398544 [ dann frazier ] * [Config] CONFIG_RTC_DRV_EFI=y on arm64 - LP: #1441291 [ Upstream Kernel Changes ] * Revert USB: serial: make bulk_out_size a lower limit - LP: #1441317 * Revert i2c: core: Dispose OF IRQ mapping at client removal time - LP: #1441317 * Revert net: cx82310_eth: use common match macro - LP: #1441317 * KEYS: request_key() should reget expired keys rather than give EKEYEXPIRED - LP: #1124250 * drm/i915/bdw: 3D_CHICKEN3 has write mask bits - LP: #1374389 * drm/i915: call lpt_init_clock_gating on BDW too - LP: #1374389 * drm/i915/bdw: Apply workarounds in render ring init function - LP: #1374389 * drm/i915/bdw: Cleanup pre prod workarounds - LP: #1374389 * drm/i915: Refactor Broadwell PIPE_CONTROL emission into a helper. - LP: #1374389 * drm/i915: Add the WaCsStallBeforeStateCacheInvalidate:bdw workaround. - LP: #1374389 * drm/i915/bdw: Remove BDW preproduction W/As until C stepping. - LP: #1374389 * drm/i915: Rework GPU reset sequence to match driver load thaw - LP: #1384469 * drm/ast: switch to using CACHED by default for sysram - LP: #1420627 * drm/ast: Add missing entry to dclk_table[] - LP: #1420627 * drm/ast: Add reduced blanking modes for wide screen mode - LP: #1420627 * drm/ast: Try to use MMIO registers when PIO isn't supported - LP: #1420627 * drm/ast: POST chip at probe time if VGA not enabled - LP: #1420627 * drm/ast: Properly initialize P2A base before using it in ast_init_3rdtx() - LP: #1420627 * drm/ast: Don't assume DVO enabled means SIL164 on uninitialized chips - LP: #1420627 * drm/ast: Cleanup analog init code path - LP: #1420627 * audit: correctly record file names with different path name types - LP: #1439441 * of: Create of_console_check() for selecting a console specified in /chosen - LP: #1438585 * of: Enable console on serial ports specified by /chosen/stdout-path - LP: #1438585 * of: correct of_console_check()'s return value - LP: #1438585 * of: Add bindings for chosen node, stdout-path - LP: #1438585 * of: add optional options parameter to of_find_node_by_path() - LP: #1438585 * of: support passing console options with stdout-path - LP: #1438585 * netfilter: nf_tables: disable preemption when restoring chain counters - LP: #1441317 * netfilter: nf_tables: fix leaks in error path of nf_tables_newchain() - LP: #1441317 * ipvs: rerouting to local clients is not needed anymore - LP: #1441317 * netfilter: nft_compat: fix module refcount underflow - LP: #1441317 * netfilter: xt_socket: fix a stack corruption bug - LP: #1441317 * ipvs: add missing ip_vs_pe_put in sync code - LP: #1441317 * flowcache: Fix kernel panic in flow_cache_flush_task - LP: #1441317 * pktgen: fix UDP checksum computation - LP: #1441317 * rtnetlink: ifla_vf_policy: fix misuses of NLA_BINARY - LP: #1441317 * tcp: make sure skb is not shared before using skb_get() - LP: #1441317 * ipv6: fix ipv6_cow_metrics for non DST_HOST case - LP: #1441317 * rtnetlink: call -dellink on failure when -newlink exists - LP: #1441317 * gen_stats.c: Duplicate xstats buffer for later use - LP: #1441317 * ipv4: ip_check_defrag should correctly check return value of skb_copy_bits - LP: #1441317 * ipv4: ip_check_defrag should not assume that skb_network_offset is zero - LP: #1441317 * net: phy: Fix verification of EEE support in phy_init_eee - LP: #1441317 * ematch: Fix auto-loading of ematch modules. - LP: #1441317 * openvswitch: Fix net exit. - LP: #1441317 * net: reject creation of netdev names with colons - LP: #1441317 * team: fix possible null pointer dereference in team_handle_frame - LP: #1441317 * net: compat: Ignore MSG_CMSG_COMPAT in compat_sys_{send, recv}msg - LP: #1441317 * macvtap: make sure neighbour code can push ethernet header - LP: #1441317 * usb: plusb: Add support for National Instruments host-to-host cable - LP: #1441317 * udp: only allow UFO for packets from SOCK_DGRAM sockets - LP: #1441317 * net: ping: Return EAFNOSUPPORT when appropriate. - LP: #1441317 * team: don't traverse port list using rcu in team_set_mac_address - LP: #1441317 * ALSA: hda - Add pin configs for ASUS mobo with IDT 92HD73XX codec - LP: #1441317 * xfs: Fix
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
This bug was fixed in the package linux - 3.13.0-51.84 --- linux (3.13.0-51.84) trusty; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1444141 * Merged back Ubuntu-3.13.0-49.83 security release linux (3.13.0-50.82) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1442285 [ Andy Whitcroft ] * [Config] CONFIG_DEFAULT_MMAP_MIN_ADDR needs to match on armhf and arm64 - LP: #1418140 [ Chris J Arges ] * [Config] CONFIG_PCIEASPM_DEBUG=y - LP: #1398544 [ Upstream Kernel Changes ] * KEYS: request_key() should reget expired keys rather than give EKEYEXPIRED - LP: #1124250 * audit: correctly record file names with different path name types - LP: #1439441 * KVM: x86: Check for nested events if there is an injectable interrupt - LP: #1413540 * be2iscsi: fix memory leak in error path - LP: #1440156 * block: remove old blk_iopoll_enabled variable - LP: #1440156 * be2iscsi: Fix handling timed out MBX completion from FW - LP: #1440156 * be2iscsi: Fix doorbell format for EQ/CQ/RQ s per SLI spec. - LP: #1440156 * be2iscsi: Fix the session cleanup when reboot/shutdown happens - LP: #1440156 * be2iscsi: Fix scsi_cmnd leakage in driver. - LP: #1440156 * be2iscsi : Fix DMA Out of SW-IOMMU space error - LP: #1440156 * be2iscsi: Fix retrieving MCCQ_WRB in non-embedded Mbox path - LP: #1440156 * be2iscsi: Fix exposing Host in sysfs after adapter initialization is complete - LP: #1440156 * be2iscsi: Fix interrupt Coalescing mechanism. - LP: #1440156 * be2iscsi: Fix TCP parameters while connection offloading. - LP: #1440156 * be2iscsi: Fix memory corruption in MBX path - LP: #1440156 * be2iscsi: Fix destroy MCC-CQ before MCC-EQ is destroyed - LP: #1440156 * be2iscsi: add an missing goto in error path - LP: #1440156 * be2iscsi: remove potential junk pointer free - LP: #1440156 * be2iscsi: Fix memory leak in mgmt_set_ip() - LP: #1440156 * be2iscsi: Fix the sparse warning introduced in previous submission - LP: #1440156 * be2iscsi: Fix updating the boot enteries in sysfs - LP: #1440156 * be2iscsi: Fix processing CQE before connection resources are freed - LP: #1440156 * be2iscsi : Fix kernel panic during reboot/shutdown - LP: #1440156 * fixed invalid assignment of 64bit mask to host dma_boundary for scatter gather segment boundary limit. - LP: #1440156 * quota: Store maximum space limit in bytes - LP: #1441284 * ip: zero sockaddr returned on error queue - LP: #1441284 * net: rps: fix cpu unplug - LP: #1441284 * ipv6: stop sending PTB packets for MTU 1280 - LP: #1441284 * netxen: fix netxen_nic_poll() logic - LP: #1441284 * udp_diag: Fix socket skipping within chain - LP: #1441284 * ping: Fix race in free in receive path - LP: #1441284 * bnx2x: fix napi poll return value for repoll - LP: #1441284 * net: don't OOPS on socket aio - LP: #1441284 * bridge: dont send notification when skb-len == 0 in rtnl_bridge_notify - LP: #1441284 * ipv4: tcp: get rid of ugly unicast_sock - LP: #1441284 * ppp: deflate: never return len larger than output buffer - LP: #1441284 * net: sctp: fix passing wrong parameter header to param_type2af in sctp_process_param - LP: #1441284 * ARM: pxa: add regulator_has_full_constraints to corgi board file - LP: #1441284 * ARM: pxa: add regulator_has_full_constraints to poodle board file - LP: #1441284 * ARM: pxa: add regulator_has_full_constraints to spitz board file - LP: #1441284 * hx4700: regulator: declare full constraints - LP: #1441284 * HID: input: fix confusion on conflicting mappings - LP: #1441284 * HID: fixup the conflicting keyboard mappings quirk - LP: #1441284 * megaraid_sas: disable interrupt_mask before enabling hardware interrupts - LP: #1441284 * PCI: Generate uppercase hex for modalias var in uevent - LP: #1441284 * usb: core: buffer: smallest buffer should start at ARCH_DMA_MINALIGN - LP: #1441284 * tty/serial: at91: enable peripheral clock before accessing I/O registers - LP: #1441284 * tty/serial: at91: fix error handling in atmel_serial_probe() - LP: #1441284 * axonram: Fix bug in direct_access - LP: #1441284 * ksoftirqd: Enable IRQs and call cond_resched() before poking RCU - LP: #1441284 * TPM: Add new TPMs to the tail of the list to prevent inadvertent change of dev - LP: #1441284 * char: tpm: Add missing error check for devm_kzalloc - LP: #1441284 * tpm_tis: verify interrupt during init - LP: #1441284 * tpm: Fix NULL return in tpm_ibmvtpm_get_desired_dma - LP: #1441284 * tpm/tpm_i2c_stm_st33: Fix potential bug in tpm_stm_i2c_send - LP: #1441284 * tpm/tpm_i2c_stm_st33: Add status check when reading data on the FIFO - LP: #1441284 * mmc:
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
This bug was fixed in the package linux - 3.13.0-51.84 --- linux (3.13.0-51.84) trusty; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1444141 * Merged back Ubuntu-3.13.0-49.83 security release linux (3.13.0-50.82) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1442285 [ Andy Whitcroft ] * [Config] CONFIG_DEFAULT_MMAP_MIN_ADDR needs to match on armhf and arm64 - LP: #1418140 [ Chris J Arges ] * [Config] CONFIG_PCIEASPM_DEBUG=y - LP: #1398544 [ Upstream Kernel Changes ] * KEYS: request_key() should reget expired keys rather than give EKEYEXPIRED - LP: #1124250 * audit: correctly record file names with different path name types - LP: #1439441 * KVM: x86: Check for nested events if there is an injectable interrupt - LP: #1413540 * be2iscsi: fix memory leak in error path - LP: #1440156 * block: remove old blk_iopoll_enabled variable - LP: #1440156 * be2iscsi: Fix handling timed out MBX completion from FW - LP: #1440156 * be2iscsi: Fix doorbell format for EQ/CQ/RQ s per SLI spec. - LP: #1440156 * be2iscsi: Fix the session cleanup when reboot/shutdown happens - LP: #1440156 * be2iscsi: Fix scsi_cmnd leakage in driver. - LP: #1440156 * be2iscsi : Fix DMA Out of SW-IOMMU space error - LP: #1440156 * be2iscsi: Fix retrieving MCCQ_WRB in non-embedded Mbox path - LP: #1440156 * be2iscsi: Fix exposing Host in sysfs after adapter initialization is complete - LP: #1440156 * be2iscsi: Fix interrupt Coalescing mechanism. - LP: #1440156 * be2iscsi: Fix TCP parameters while connection offloading. - LP: #1440156 * be2iscsi: Fix memory corruption in MBX path - LP: #1440156 * be2iscsi: Fix destroy MCC-CQ before MCC-EQ is destroyed - LP: #1440156 * be2iscsi: add an missing goto in error path - LP: #1440156 * be2iscsi: remove potential junk pointer free - LP: #1440156 * be2iscsi: Fix memory leak in mgmt_set_ip() - LP: #1440156 * be2iscsi: Fix the sparse warning introduced in previous submission - LP: #1440156 * be2iscsi: Fix updating the boot enteries in sysfs - LP: #1440156 * be2iscsi: Fix processing CQE before connection resources are freed - LP: #1440156 * be2iscsi : Fix kernel panic during reboot/shutdown - LP: #1440156 * fixed invalid assignment of 64bit mask to host dma_boundary for scatter gather segment boundary limit. - LP: #1440156 * quota: Store maximum space limit in bytes - LP: #1441284 * ip: zero sockaddr returned on error queue - LP: #1441284 * net: rps: fix cpu unplug - LP: #1441284 * ipv6: stop sending PTB packets for MTU 1280 - LP: #1441284 * netxen: fix netxen_nic_poll() logic - LP: #1441284 * udp_diag: Fix socket skipping within chain - LP: #1441284 * ping: Fix race in free in receive path - LP: #1441284 * bnx2x: fix napi poll return value for repoll - LP: #1441284 * net: don't OOPS on socket aio - LP: #1441284 * bridge: dont send notification when skb-len == 0 in rtnl_bridge_notify - LP: #1441284 * ipv4: tcp: get rid of ugly unicast_sock - LP: #1441284 * ppp: deflate: never return len larger than output buffer - LP: #1441284 * net: sctp: fix passing wrong parameter header to param_type2af in sctp_process_param - LP: #1441284 * ARM: pxa: add regulator_has_full_constraints to corgi board file - LP: #1441284 * ARM: pxa: add regulator_has_full_constraints to poodle board file - LP: #1441284 * ARM: pxa: add regulator_has_full_constraints to spitz board file - LP: #1441284 * hx4700: regulator: declare full constraints - LP: #1441284 * HID: input: fix confusion on conflicting mappings - LP: #1441284 * HID: fixup the conflicting keyboard mappings quirk - LP: #1441284 * megaraid_sas: disable interrupt_mask before enabling hardware interrupts - LP: #1441284 * PCI: Generate uppercase hex for modalias var in uevent - LP: #1441284 * usb: core: buffer: smallest buffer should start at ARCH_DMA_MINALIGN - LP: #1441284 * tty/serial: at91: enable peripheral clock before accessing I/O registers - LP: #1441284 * tty/serial: at91: fix error handling in atmel_serial_probe() - LP: #1441284 * axonram: Fix bug in direct_access - LP: #1441284 * ksoftirqd: Enable IRQs and call cond_resched() before poking RCU - LP: #1441284 * TPM: Add new TPMs to the tail of the list to prevent inadvertent change of dev - LP: #1441284 * char: tpm: Add missing error check for devm_kzalloc - LP: #1441284 * tpm_tis: verify interrupt during init - LP: #1441284 * tpm: Fix NULL return in tpm_ibmvtpm_get_desired_dma - LP: #1441284 * tpm/tpm_i2c_stm_st33: Fix potential bug in tpm_stm_i2c_send - LP: #1441284 * tpm/tpm_i2c_stm_st33: Add status check when reading data on the FIFO - LP: #1441284 * mmc:
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
stef: can you please check after you observe the problem if your key quota is not exceeded? You may do this with: $ sudo cat /proc/key-users This fix is known to solve the expired keys problem, but if the cause of the issue you are experiencing is the capacity of the key quota you may have to extend it (please see comment #2). Thanks! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example :
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
I have tried yesterday the image linux-image-3.13.0-51-generic for Precise (linux-signed-image-generic-lts-trusty 3.13.0.51.44). With no luck. I have again after some time the userid 4294967294 in shown for a lot of files and users. So the problem seams unfixed for me. Stef -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- utopic' to 'verification-done-utopic'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- trusty' to 'verification-done-trusty'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-trusty ** Tags added: verification-needed-utopic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Thanks for the fix. Is there also a linux-image-generic-lts-trusty (for 12.04LTS )test kernel available? Stef -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
The fix has been tagged as: - Ubuntu-3.13.0-50.82 for Trusty - Ubuntu-3.16.0-35.46 for Utopic I don't see those version available in -updates yet, so please give it some more time to be release. Thanks! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers)
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Ah, excellent. That release is in the kernel-team PPA - that'll do for the moment! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Is there an ETA on including this in the main repos? I notice there's been a kernel update since Dariusz's patched kernel but it looks like this fix wasn't included. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Changed in: linux (Ubuntu Utopic) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Trusty) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Status in linux source package in Utopic: Fix Committed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Changed in: linux (Ubuntu Utopic) Status: Won't Fix = In Progress ** Changed in: linux (Ubuntu Trusty) Status: Won't Fix = In Progress -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Confirmed Status in nfs-utils package in Ubuntu: Confirmed Status in linux source package in Trusty: In Progress Status in nfs-utils source package in Trusty: Confirmed Status in linux source package in Utopic: In Progress Status in nfs-utils source package in Utopic: Confirmed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Moving linux tracks back to In Progress due different solution. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Confirmed Status in nfs-utils package in Ubuntu: Confirmed Status in linux source package in Trusty: In Progress Status in nfs-utils source package in Trusty: Confirmed Status in linux source package in Utopic: In Progress Status in nfs-utils source package in Utopic: Confirmed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers)
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Description changed: + [Impact] + + * This bug is likely to cause an incorrect UID/GID mapping for NFS + shares in case of large numbers of differend UIDs/GIDs or in case of + expired UID/GID mappings (stored as keys in the kernel). + + [Test Case] + + 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. + 2. Mount the share on a ldap-connected client machine. + 3. List the mounted /home directory. + 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. + + Expected result - all directories are listed with correct UIDs/GIDs. + Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. + + [Regression Potential] + + * This issue has been merged upstream in the 3.18 kernel and is also + present in Debian's 3.16 kernel. + + [Other Info] + + * Original bug description: + I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory :
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** No longer affects: nfs-utils (Ubuntu) ** No longer affects: nfs-utils (Ubuntu Trusty) ** No longer affects: nfs-utils (Ubuntu Utopic) ** Changed in: linux (Ubuntu Trusty) Assignee: (unassigned) = Dariusz Gadomski (dgadomski) ** Changed in: linux (Ubuntu Utopic) Assignee: (unassigned) = Dariusz Gadomski (dgadomski) ** Changed in: linux (Ubuntu) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: In Progress Status in linux source package in Utopic: In Progress Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: [Impact] * This bug is likely to cause an incorrect UID/GID mapping for NFS shares in case of large numbers of differend UIDs/GIDs or in case of expired UID/GID mappings (stored as keys in the kernel). [Test Case] 1. Setup a nfs4 server exporting /home with a large number of different users and ldap-based authentication. 2. Mount the share on a ldap-connected client machine. 3. List the mounted /home directory. 4. Wait more than 10 minutes (the default key expiration time) and list it again with ls -l. Expected result - all directories are listed with correct UIDs/GIDs. Actual result - some of the directories may be listed with incorrect UID/GID of 4294967294. [Regression Potential] * This issue has been merged upstream in the 3.18 kernel and is also present in Debian's 3.16 kernel. [Other Info] * Original bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
@Dariusz: As I have similar problems with the HWE-Kernel of trusty for my precise installation, is it possible for ayou to build the fixed kernel also for trusty? Or is there a plan to include the patch in the official trusty kernel? I have tried your trusty-kernel, but I was not able to load the nvidia-331 kernel module, as there where some drm-related (drm_open etc.)symbols missing... Stef. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Confirmed Status in nfs-utils package in Ubuntu: Confirmed Status in linux source package in Trusty: Won't Fix Status in nfs-utils source package in Trusty: Confirmed Status in linux source package in Utopic: Won't Fix Status in nfs-utils source package in Utopic: Confirmed Status in nfs-utils package in Debian: Confirmed Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Changed in: nfs-utils (Debian) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Confirmed Status in nfs-utils package in Ubuntu: Confirmed Status in linux source package in Trusty: Won't Fix Status in nfs-utils source package in Trusty: Confirmed Status in linux source package in Utopic: Won't Fix Status in nfs-utils source package in Utopic: Confirmed Status in nfs-utils package in Debian: Fix Released Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 user110 oldusers0 févr. 13 16:01
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Changed in: nfs-utils (Debian) Status: Incomplete = Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Confirmed Status in nfs-utils package in Ubuntu: Confirmed Status in linux source package in Trusty: Won't Fix Status in nfs-utils source package in Trusty: Confirmed Status in linux source package in Utopic: Won't Fix Status in nfs-utils source package in Utopic: Confirmed Status in nfs-utils package in Debian: Confirmed Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 user110 oldusers0 févr. 13 16:01 test
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Carl, I have backported the fixes to trusty kernel. Could you please give them a try in your environment? The build is available in my PPA (ppa:dgadomski/kernel-nfs). Thanks! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Confirmed Status in nfs-utils package in Ubuntu: Confirmed Status in linux source package in Trusty: Won't Fix Status in nfs-utils source package in Trusty: Confirmed Status in linux source package in Utopic: Won't Fix Status in nfs-utils source package in Utopic: Confirmed Status in nfs-utils package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
The fixes for the problem I was seeing related to this bug are in Linux 3.18: https://lkml.org/lkml/2014/12/7/202 (by David Howells). -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Confirmed Status in nfs-utils package in Ubuntu: Confirmed Status in linux source package in Trusty: Won't Fix Status in nfs-utils source package in Trusty: Confirmed Status in linux source package in Utopic: Won't Fix Status in nfs-utils source package in Utopic: Confirmed Status in nfs-utils package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc. 2 2011
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
I believe this is the commit in question: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0b0a84154eff56913e91df29de5c3a03a0029e38 Looks like a good canditate for considering a cherry-pick. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in linux package in Ubuntu: Confirmed Status in nfs-utils package in Ubuntu: Confirmed Status in linux source package in Trusty: Won't Fix Status in nfs-utils source package in Trusty: Confirmed Status in linux source package in Utopic: Won't Fix Status in nfs-utils source package in Utopic: Confirmed Status in nfs-utils package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Hello Bryan, The commit that has fixed this was https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=738c5d190f6540539a04baf36ce21d46b5da04bd I think we can make use of it. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: Confirmed Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc.
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
@Dariusz My understanding is that we can't backport a config change (say to trusty). Since that was done upstream won't it just hit vivid in it's own time? In the mean time, this is configurable so a user can change their config in trusty. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: Confirmed Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
@Bryan Yes, you're right. It should hit vivid and since it is already configurable by sysctl there is no point in backporting. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: Confirmed Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc. 2
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
It turns out in 3.17rc4 the root_maxkeys/bytes were greatly increased which is actually what solved my issue.. Sorry for the noise. Raw notes: with key utils - 3.17.rc7 - main issue gone, nogroup is now 4294967294 without key utils - 3.17-rc7 - main issue gone, nogroup is fine too all rest without key utils 3.17-rc4 - no 4294967294 in output /proc/sys/kernel/keys/root_maxbytes 2500 /proc/sys/kernel/keys/root_maxkeys 100 3.17-rc3 - ~24000 in 3.17-rc4 /proc/sys/kernel/keys/root_maxkeys 200 /proc/sys/kernel/keys/root_maxbytes 2 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: Confirmed Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Works for original case, except nogroup now returns 4294967294, will ping list with results.. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: Confirmed Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 user110
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Or not.. it seems my issue was fixed somewhere between 3.13 and 3.17rc7... -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: Confirmed Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 user110 oldusers0
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
I think this patch: http://article.gmane.org/gmane.linux.nfs/67156 is another fix for this bug. I'm sure it is more elegant than mine. @Bryan: perhaps you could test it? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: Confirmed Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: nfs-utils (Ubuntu Trusty) Status: New = Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: Confirmed Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
@carlh Ah, your kernel patch also fixes the case where the key cache get's filled. (Which is my issue) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Bryan: AFAICS the thing is that keyutils changes things so that the id_resolv uid:user@fqdn keys never expire. Without it, they expire after 10 minutes, and that triggers the bug which my kernel patch fixes. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Interesting.. keyutils doesn't seem to help in my case.I'm running ls on the ~27000 user accounts home directory.. I don't understand why this would help... all nfsidmap would do is clear it once, and then it can fill up again/expire again. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Hi Michael, Thanks... installing keyutils seems to work for me too (without the kernel patch). I haven't investigated too closely, but it looks like the two fixes are sort-of equivalent. The userspace fix is far more appealing, though! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
I am not entirely sure if this is 100%ly related to this bug, but let me tell you my story here (contains another workaround): I was also experiencing the problem of frequently having my files owned by 4294967294. Setup is Ubuntu 14.04 with automounted nfs4/kerberos homes, the NFS server is running Debian Wheezy. The problem was not existing with the previously used Ubuntu 13.10, so I began investigating and tried almost everything I found (which is mostly documented here), ranging from setting sysctl values to installing the kernel patch posted here. However, nothing did help, so I decided to debug via /proc/keys: While I still had the problem, /proc/keys (as seen by root) showed keys like this: 0094f999 I--Q--- 1 15s 3b01 0 0 id_legacy uid:user@fqdn: 5 Note worthing is the remaining time of 15 seconds, shortly thereafter the problem occured for me and /proc/keys looked like this: 0094f999 I--Q--- 1 expd 3b01 0 0 id_legacy uid:user@fqdn: 5 The key was expired and there was no new one in the list. So I issued nfsidmap -v -c (which did repair the situation everytime I have tried) and voilà: 5482b3a I--Q--- 1 9m 3b01 0 0 id_legacy uid:user@fqdn: 5 I had a fresh key with a lifetime of ~ 10 minutes. But listen up, now comes the final workaround which has fixed the problem for about 3 or 4 days now: # apt-get install keyutils # restart idmapd # nfsidmap -v -c And now the keys do no longer expire: 2014218e I--Q--- 1 perm 3b01 0 0 id_resolv uid:user@fqdn: 5 As already mentioned, this is working since several days now without any issues, my stress-test to check this is by the way: somedir$ for i in $(seq 10); do touch $i;sleep 0.2;done somedir$ while (true); do ls -lR | grep 4294967294;done I still do not know exactly why installing keyutils has solved the issue or why this package was not previously installed as a dependency, but hey, it is a workaround at least for me and maybe others. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
For anyone following at home: http://www.spinics.net/lists/linux-nfs/msg47185.html @Carl, For the future, it's probably better to use https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/ at least when you're pushing upstream. It does help a lot for possibly SRUing to know that it works on the trusty branch too :). Thanks for all your work! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Hi Bryan, I'm glad it's working, thanks for the report. No response on LKML yet; here's the message: https://lkml.org/lkml/2014/9/30/435 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc.
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
nfs_patch2.patch works for me w/ ~27000 home directory setup. Thanks! Please do link to the lkml if you can (might take a few days to appear). -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
Actually, I think this patch is a bit less invasive. I'll submit to the mainline kernel list and pick up my fire extinguisher ;) ** Patch added: nfs_patch2.patch https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1124250/+attachment/4220337/+files/nfs_patch2.patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
I have poked at this a bit. On my system, running this: #!/bin/bash while [ 1 ]; do touch foo test=`ls -lh foo | grep -v c.hetherington` if [ $test == ]; then echo OOPS echo $test fi sleep 1s rm foo done prints OOPS exactly 10 minutes after the first resolution of my username (c.hetherington) to my uid (1). When this happens, -2 is returned as the uid/gid of the test file. As far as I can see: nfs_map_name_to_uid() returns -2 in *uid; it calls nfs_idmap_lookup_id() which fails because it calls nfs_idmap_get_key() which fails because it calls nfs_idmap_request_key() which fails because it calls request_key_with_auxdata() which fails because it calls wait_for_key_construction() which fails because key_validate() returns EKEYEXPIRED. At some point subsequently, a new call to nfs_map_name_to_uid ends up calling /sbin/request-key after which everything is ok again. I'm printk()ing the kernel and testing here so let me know if there's anything useful I can try. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
The attached patch is a hack (to Ubuntu's 3.13.0 as shipped with 14.04) which seems to help here. I am no kernel developer, but maybe it will help to describe the problem and suggest a proper solution. ** Patch added: 0001-Invalidate-expired-keys-when-they-are-requested-in-o.patch https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1124250/+attachment/4219275/+files/0001-Invalidate-expired-keys-when-they-are-requested-in-o.patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
The attachment 0001-Invalidate-expired-keys-when-they-are-requested- in-o.patch seems to be a patch. If it isn't, please remove the patch flag from the attachment, remove the patch tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Also affects: nfs-utils (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: nfs-utils (Ubuntu Utopic) Importance: Undecided Assignee: Dariusz Gadomski (dgadomski) Status: Confirmed ** Also affects: linux (Ubuntu Utopic) Importance: Low Status: Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: New Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Confirmed Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Changed in: linux (Ubuntu Utopic) Status: Confirmed = Won't Fix ** Changed in: linux (Ubuntu Trusty) Status: New = Won't Fix ** Changed in: linux (Ubuntu Trusty) Importance: Undecided = Low -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
The ubuntu kernel uses the same values as the upstream kernel in regards to these values. They are tunable for exactly this kind of case. I brought this case up with the Ubuntu Kernel team, and unfortunately due to the fact that this could potentially be used in a memory- exhaustion, denial of service type attack we will not be changing from the default values. That being said if the mainline kernel decides to change the defaults we would definitely consider following mainline. For most machines raising these default values isn't an issue. However since Ubuntu is so prevalent in virtualized environments where memory is more restricted we will not be changing these values. If you feel strongly that these values need to be changed please pursue with the mainline linux maintainers. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
@Carl Hetherington Your patch is interesting. Please submit it to the mainline kernel, and to stable if you feel it deserves to go into stable. Once it hits stable it will then likely get picked up by the Ubuntu 3.13 kernel. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “linux” source package in Trusty: Won't Fix Status in “nfs-utils” source package in Trusty: New Status in “linux” source package in Utopic: Won't Fix Status in “nfs-utils” source package in Utopic: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3
[Kernel-packages] [Bug 1124250] Re: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth
** Also affects: linux (Ubuntu) Importance: Undecided Status: New ** Changed in: linux (Ubuntu) Status: New = Confirmed ** Changed in: linux (Ubuntu) Importance: Undecided = Low -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1124250 Title: Partially incorrect uid mapping with nfs4/idmapd/ldap-auth Status in “linux” package in Ubuntu: Confirmed Status in “nfs-utils” package in Ubuntu: Confirmed Status in “nfs-utils” package in Debian: Incomplete Status in Fedora: Unknown Bug description: I'm running a nfs4 server exporting a directory /home (ext4,usrquota). This server is running Ubuntu 12.04 amd64(up-to-date). This directory is handling 662 homedirs for ldap authenticated users. /etc/exports is : /exports 192.168.0.0/24(rw,fsid=0,no_subtree_check) Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch. In /etc/default/nfs-common : NEED_IDMAPD=yes In /etc/default/nfs-kernel-server : RPCNFSDCOUNT=75 RPCMOUNTDOPTS=--manage-gids 2 Clients (rhel6 x86 Ubuntu 12.04.2 i686) are mounting this nfs4 exported directory with no problems : When doing ls -l /home on this clients, I have : ... drwx-- 4 user100 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101 oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102 oldusers 4096 oct. 1 19:06 user102 drwx-- 36 user103 users4096 févr. 5 21:08 user103 drwx-- 36 user104 users4096 févr. 8 14:03 user104 drwx-- 30 user105 users4096 févr. 4 18:01 user105 drwx-- 28 user106 oldusers 4096 oct. 5 2011 user106 drwx-- 37 user107 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 user108 users4096 déc. 4 11:52 user108 drwx-- 4 user109 oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 user110 oldusers 4096 janv. 22 15:53 user109 drwx-- 31 user111 users4096 janv. 29 12:03 user110 ... uid/gid mapping works fine, authldap works fine, ... All Clients running Ubuntu 12.10 i686 or Ubuntu 12.10 amd64 are experiencing the same problem : The config files are the same that used in ubuntu 12.04. Auth ldap is correctly configured, user can log in. This is the /etc/fstab entry for /home : 192.168.0.1:/ /home nfs rw,nfsvers=4 0 0 Important lines in /etc/idmapd.conf : domain=my-domain.org [Translation] Method=nsswitch In /etc/default/nfs-common : NEED_IDMAPD=yes /etc/nsswitch.conf is : passwd: files ldap group: files ldap shadow: files ldap When doing ls -l /home there is a strange problem : drwx-- 4 4294967294 oldusers 4096 sept. 21 2011 user100 drwx-- 4 user101oldusers 4096 sept. 21 2011 user101 drwx-- 37 user102oldusers 4096 oct. 1 19:06 user102 drwx-- 36 4294967294 users4096 févr. 5 21:08 user103 drwx-- 36 4294967294 users4096 févr. 8 14:03 user104 drwx-- 30 4294967294 users4096 févr. 4 18:01 user105 drwx-- 28 4294967294 oldusers 4096 oct. 5 2011 user106 drwx-- 37 4294967294 oldusers 4096 janv. 8 14:52 user107 drwx-- 31 4294967294 users4096 déc. 4 11:52 user108 drwx-- 4 user109oldusers 4096 sept. 21 2011 user109 drwx--x--x 45 4294967294 oldusers 4096 janv. 22 15:53 user110 drwx-- 31 4294967294 users4096 janv. 29 12:03 user111 for 571 homedirs (this number varies at each reboot)/662, the owner is the value 4294967294. For the 91 remaining homedirs, the owner is correct. The gidnumber is correctly mapped for all (only 5 differents values used for gidNumber). In /var/log/syslog, I can see : For example : user110 is mapped as 4294967294. but the command id user110 returns : uid=31124(user110) gid=666(oldusers) groupes=666(oldusers) user110 logs in (auth ldap) from tty1. He runs ls -l /home/user110/ : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images Then, he runs touch /home/user110/test : drwxr-xr-x 8 4294967294 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 4294967294 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 4294967294 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 4294967294 oldusers0 févr. 13 16:01 test On the nfs server, If i do a ls -l in the same directory : drwxr-xr-x 8 user110 oldusers 4096 janv. 19 2012 Bureau drwxr-xr-x 3 user110 oldusers 4096 déc. 2 2011 Documents drwxr-xr-x 2 user110 oldusers 4096 déc. 2 2011 Images drwxr-xr-x 2 user110 oldusers0 févr. 13 16:01 test I can see that the test file is owned by the correct user. I've tried without with