NFS v4 id mapping

    • OMV 1.0
    • Resolved

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • NFS v4 id mapping

      I have issue where I tried map tomcat:tomcat NFS share and can't make it work.
      From web UI I can't set user with specific uid and gid. I created user from shell.
      I set /etc/idmapd.conf with and even tried expire cache, but nothing helps it mounting as nobody:nobody
      Also tried anonuid=91,anongid=91 and it didn't worked either.
      If I am trying change permission on client getting error.
      I am using ldap on the system as authentication.

      kernel: NFS: v4 server does not accept raw uid/gids. Reenabling the idmapper.

      Source Code

      1. [General]
      2. Cache-Expiration = 10
      3. Verbosity = 5
      4. Pipefs-Directory = /var/lib/nfs/rpc_pipefs
      5. # set your own domain here, if id differs from FQDN minus hostname
      6. Domain =
      7. [Mapping]
      8. Nobody-User = nobody
      9. Nobody-Group = nogroup
      Display All

      Source Code

      1. /export/WebAppData00,no_root_squash,no_subtree_check,crossmnt,fsid=0)
      2. # NFSv4 - pseudo filesystem root
      3. /export,fsid=0,root_squash,no_subtree_check,hide)
    • OK finally after 4.5 days poking around. Issue has being resolved.

      Problem is on NFS client which RHEL 7.0 can't see mapped user name and group.
      Resolution: Correct nfs option line to use like this and the trick clear cache on client, because NFSv4 will cache the mount params.

      Source Code

      1. 'subtree_check,secure,no_root_squash,anonuid=UID,anongid=GID,fsid=0'

      Will be nice to have in Web UI ability specify if it is local user or ldap and UID with GID for new user.

      Here how I mounted on NFS with specific UID and GUI
      1. Add local user from shell
      useradd -M -s /usr/bin/nologin -u 91 tomcat
      2. Correct GUI make sure it match UID
      groupadd tomcat
      groupmod -g 91 tomcat
      usermod -g tomcat tomcat
      usermod -g users tomcat
      Check user group membership
      groups tomcat
      tomcat : tomcat users
      3. Enable ID mapper for NFS4
      4. Modify /etc/idmapd.conf set proper local domain don't use localdomain it will not work check you /etc/hosts.
      5. Go to Web interface create NFS share make sure speicy in option UID and GUI.
      6. Set permission in Web interface. Where ACL option select tomcat and group tomcat.
      7. Save apply.
      8. Got to client and create mount directory with mount options like this for NFS4.
      mount -v -t nfs4 -o soft,intr,rsize=8192,wsize=8192,proto=tcp /MountFolder
      9. Then do ls -la and permission should show up under mounted directory. If not then clear cache on client as command in red.

      Clear cache on nfs client

      nfsidmap -c

    • I also had problem on the client (OpenSuse 12.3). In case it helps someone else, OpenSuse does not enable nfs client services by default. It was confusing, however, because the mount command still worked but everything was nobody:nobody. After enabling nfs client service daemons, everything worked.

      To facilitate NFS usage, it would be nice if the OpenMediaVault web GUI had the following:

      1. Ability to set/change users' UID and GID (especially to help with nfs3 users)

      2. Ability to set options and domain override in idmapd.conf

      Without this, it is difficult to configure nfs usage completely through the GUI.