From owner-freebsd-fs@FreeBSD.ORG Sun Aug 1 00:32:19 2010 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4CC051065677 for ; Sun, 1 Aug 2010 00:32:19 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from esa-annu.mail.uoguelph.ca (esa-annu.mail.uoguelph.ca [131.104.91.36]) by mx1.freebsd.org (Postfix) with ESMTP id 0541A8FC1C for ; Sun, 1 Aug 2010 00:32:18 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApwEANddVEyDaFvO/2dsb2JhbACDE54FrTKQTYEmgyBzBIh/ X-IronPort-AV: E=Sophos;i="4.55,296,1278302400"; d="scan'208";a="86942036" Received: from erie.cs.uoguelph.ca (HELO zcs3.mail.uoguelph.ca) ([131.104.91.206]) by esa-annu-pri.mail.uoguelph.ca with ESMTP; 31 Jul 2010 20:32:14 -0400 Received: from zcs3.mail.uoguelph.ca (localhost.localdomain [127.0.0.1]) by zcs3.mail.uoguelph.ca (Postfix) with ESMTP id 0E17EB3E96; Sat, 31 Jul 2010 20:32:17 -0400 (EDT) Date: Sat, 31 Jul 2010 20:32:16 -0400 (EDT) From: Rick Macklem To: Joe Auty Message-ID: <763314735.215468.1280622736448.JavaMail.root@erie.cs.uoguelph.ca> In-Reply-To: <4C4FDCCD.1080904@netmusician.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [24.65.230.102] X-Mailer: Zimbra 6.0.7_GA_2476.RHEL4 (ZimbraWebClient - SAF3 (Mac)/6.0.7_GA_2473.RHEL4_64) Cc: freebsd-fs@freebsd.org Subject: Re: NFSv4 permissions issues X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Aug 2010 00:32:19 -0000 From: "Joe Auty" > To: freebsd-fs@freebsd.org > Sent: Wednesday, July 28, 2010 3:31:25 AM > Subject: NFSv4 permissions issues > > Hello, > > In FreeBSD 8.1 when mounting an NFSv4 share (hosted by Solaris 10/ZFS) I > cannot create or alter any files on this share nor any other share > mounted from this same ZFS server. When I try to do so I get permission > denied error messages. This same share does not give me any problems > when mounted with identical mount options except for specifying NFSv3 > rather than NFSv4... i.e. > > mount -t nfs -o rw,tcp,intr,noatime,nfsv3 myip:/path /path > > works fine, and: > > mount -t nfs -o rw,tcp,intr,noatime,nfsv4 myip:/path /path > > exhibits the above problems... > > > Any idea why this is so and what I ought to do to test using NFSv4 on > this machine? 1 - look to see if the username/groupname mappings are working. (NFSv4 uses name and not#s.) - just do an "ls -lg" on some NFSv4 mounted dir. to see if they look ok. (lotsa "nobdy"'s --> busted) If it's busted, look at the setup of nfsuserd and the "domain" specified, which is usually the domain part of the host's name, but can be overridden by a flag option on nfsuserd and in a config file on Solaris10. 2 - Make sure you user/group names and uid/gid numbers are consistent between client and server. NFSv4 always specifies the groupname of a newly created file object, so those groups/gids must be correct. If the above doesn't resolve it, look at a snoop trace for the failed access and see what the user/group names (and uid/gid #s in the RPC header) look like. This is most likely something related to the user/group name and number mapping, rick