** Description changed: uid and gid appear to not map properly from nfsidmap in a nfsv4 with sec=krb5. UID and GID are mapping properly on CentOS server and CentOS client. Ubuntu nfs client file permissions are honored, but display in `ls -lan` command are incorrect. $ cat /var/log/syslog |grep nfsidmap Mar 8 16:38:34 ubuntuclient nfsidmap[24736]: key: 0x24a1c64d type: uid value: [email protected]@AD.SIU.EDU timeout 600 Mar 8 16:38:34 ubuntuclient nfsidmap[24736]: nfs4_name_to_uid: calling nsswitch->name_to_uid Mar 8 16:38:34 ubuntuclient nfsidmap[24736]: nss_getpwnam: name '[email protected]@XX.XX.EDU' domain 'XX.XX.EDU': resulting localname '(null)' Mar 8 16:38:34 ubuntuclient nfsidmap[24736]: nss_getpwnam: name '[email protected]@XX.XX.EDU' does not map into domain 'XX.XX.EDU' Mar 8 16:38:34 ubuntuclient nfsidmap[24736]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22 Mar 8 16:38:34 ubuntuclient nfsidmap[24736]: nfs4_name_to_uid: final return value is -22 Mar 8 16:38:34 ubuntuclient nfsidmap[24736]: nfs4_name_to_uid: calling nsswitch->name_to_uid $ $ mount -v -t nfs4 -o sec=krb5 SP19SRV.XX.XX.EDU:/export /mnt $ su userX $ ls -la /mnt total 4 drwxr-xr-x 5 nobody 4294967294 50 Feb 28 18:04 . drwxr-xr-x 24 root root 4096 Mar 7 22:34 .. drwxr-xr-x 2 nobody 4294967294 125 Mar 8 16:27 userX $ + Problem: + nfsmapid isn't showing proper file permissions on the ubuntu nfsv4 client with sec=krb + + Client: + mount -v -t nfs4 -o sec=krb5 SP19SRV.AD.SIU.EDU:/export /mnt + + $ ls -la + total 4 + drwxr-xr-x 5 nobody 4294967294 50 Feb 28 18:04 . + drwxr-xr-x 24 root root 4096 Mar 7 20:58 .. + drwxr-xr-x 2 nobody 4294967294 112 Mar 7 14:30 username + [email protected]@ubuntuclient:/mnt + + $ cat /etc/idmapd.conf + [General] + + Verbosity = 9 + Pipefs-Directory = /run/rpc_pipefs + # set your own domain here, if it differs from FQDN minus hostname + Domain = XX.XXX.EDU + + [Mapping] + + Nobody-User = nobody + Nobody-Group = nogroup + + + $ cat /etc/default/nfs-common + STATDOPTS= + + # Do you want to start the gssd daemon? It is required for Kerberos mounts. + NEED_GSSD="yes" + NEED_IDMAPD="yes" + + # I've tried commenting out NEED_IDMAPD as well. + + My nfs server is a Centos 7. + + Both machines were joined to active directory with sssd. NFSv4 with krb + security works on my centos server and client. The nfs server mount + works on the ubuntu client and file permissions are honored. But, the + ls -la command is showing the incorrect file permissions. + + uid and gid's appear to be in sync from sssd. + + Please let me know if you need any additional information, thanks, + ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: nfs-common 1:1.3.4-2.1ubuntu5 ProcVersionSignature: Ubuntu 4.15.0-46.49-generic 4.15.18 Uname: Linux 4.15.0-46-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.5 Architecture: amd64 Date: Fri Mar 8 17:48:13 2019 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: nfs-utils UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.nfs-common: 2019-03-07T21:45:28.468860
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1819197 Title: nss_getpwnam: name '[email protected]@XX.XX.EDU' domain 'XX.XX.EDU': resulting localname '(null)' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1819197/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
