[vox-tech] NFS and user IDs

Mike Simons vox-tech@lists.lugod.org
Sun, 02 Mar 2003 23:33:30 -0500 

On Sun, Mar 02, 2003 at 12:18:12PM -0800, Rod Roark wrote:
> On Sunday 02 March 2003 09:50 am, Shawn P. Neugebauer wrote:
> > On Sunday 02 March 2003 09:20 am, Rod Roark wrote:
> > > Anyone know if there's a way to map user IDs (other than
> > > root) across NFS?

Rod,

  If you want to go through the hassle I would recommend looking into
this package... which I've not used before but sounds about right.
====
Package: ugidd
Priority: optional
Section: net
Installed-Size: 108
Maintainer: Herbert Xu <herbert@debian.org>
Architecture: i386
Source: nfs-user-server
Version: 2.2beta47-12
Replaces: netstd, nfs-server (<< 2.2beta46-4)
Depends: portmap | netbase (<< 4.00), libc6 (>= 2.2.4-4), libwrap0
Filename: pool/main/n/nfs-user-server/ugidd_2.2beta47-12_i386.deb
Size: 24960
MD5sum: 93b5586424283f18578e7f712e20e87e
Description: NFS UID mapping daemon.
 This package contains the UID mapping daemon (rpc.ugidd) which is used on
 NFS clients to do UID/GID mapping.
====

> > > I.e., user "rod" on the client machine has ID 1000, but on
> > > the NFS server is 500, and I'd like general access to my
> > > home directory from the client.
> 
> but did not, is an entry like this in /etc/exports:
> 
> /home rod(rw,all_squash,anonuid=500,anongid=500)
> 
> However when I mount this from the client I still get a
> permission-denied error when trying to cd into my home
> directory.  I don't understand this.

  Based on my read of the documentation that should do what you expect 
it to... no error.  I tried the following here with the demo machine:

/etc/exports:
====
/home/lugod 10.10.10.*(rw,all_squash,anonuid=1001,anongid=1001)
====

  It worked on the client machines but not until *after* restarting the
nfs-server components.  (a reload didn't take effect for some reason)...
on this machine that involved:
===
/etc/init.d/nfs-kernel-server restart
/etc/init.d/nfs-common restart
===

  You may want to try again...

  Also I agree with Shawn about making the UIDs be the same on your
network... it's often less painful long term.

    Good Luck,
      Mike