On Mon, Nov 10, 2014 at 05:24:52PM +0100, Joschi Brauchle wrote: > Hello all, > > I am experiencing strange behaviour of some of my NFS clients running > SSSD-AD 1.12.1. Some machines seem to be losing the 'group name <-> GID' > mapping on files on an NFS share, see this example: > --------------- > $ l -d SOMEFOLDER > drwxrwxr-x 17 root 4294967294 4096 Nov 6 15:31 SOMEFOLDER/ > $ stat SOMEFOLDER > File: ‘SOMEFOLDER’ > Size: 4096 Blocks: 8 IO Block: 65536 directory > Device: 26h/38d Inode: 27258 Links: 17 > Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: (4294967294/ > UNKNOWN) > ... > --------------- > Also all files SOMEFOLDER/* are affected. > > I know the group the folder is supposed to have is set correctly and other > clients show its name. Also, users who are in the missing group show the > groupname and GID just fine when doing an 'id USERNAME'.
This sounds similar to the issue Sergey Urushkin had reported to sssd-users earlier today. At the same time, I wonder why the GID is being reported as 4294967294, isn't that nfsnobody or a similar 'fallback' user? > > Restarting SSSD resolves the issue for some time. > > My SSSD config is as follows: > --------------- > [sssd] > config_file_version = 2 > services = nss,pam > domains = default > [nss] > filter_groups = root > filter_users = root > [pam] > [domain/default] > id_provider = ad > auth_provider = ad > access_provider = simple > chpass_provider = ad > ad_domain = ... > ad_enable_gc = False > ldap_id_mapping = False > enumerate = False > ignore_group_members = True > dyndns_update = False > cache_credentials = True > ldap_search_base = ... > ldap_user_search_base = ... > ldap_group_search_base = ... > ldap_user_search_scope = one > ldap_group_search_scope = one > krb5_ccachedir = /run/user/%U > krb5_ccname_template = DIR:%d/krb5cc > override_homedir = ... > simple_allow_groups = ... > --------------- > > Is this a known problem with 1.12.1? > I will test with 1.12.2 soon, but as the problem only appears randomly, I > thought I'd already ask now... > > Best regards, > J Brauchle > > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-users _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
