From owner-freebsd-current@FreeBSD.ORG Fri Jan 4 13:30:22 2013 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 7DFE63F7 for ; Fri, 4 Jan 2013 13:30:22 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from esa-annu.net.uoguelph.ca (esa-annu.mail.uoguelph.ca [131.104.91.36]) by mx1.freebsd.org (Postfix) with ESMTP id 41BD3241 for ; Fri, 4 Jan 2013 13:30:21 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ap4EAE7Y5lCDaFvO/2dsb2JhbABFhjm3KnOCHgEBBAEjVgUWGAICDRkCWQaIIQalJ49MgSKOYIETA4hhjSqQSYMSggg X-IronPort-AV: E=Sophos;i="4.84,409,1355115600"; d="scan'208";a="7447395" Received: from erie.cs.uoguelph.ca (HELO zcs3.mail.uoguelph.ca) ([131.104.91.206]) by esa-annu.net.uoguelph.ca with ESMTP; 04 Jan 2013 08:30:20 -0500 Received: from zcs3.mail.uoguelph.ca (localhost.localdomain [127.0.0.1]) by zcs3.mail.uoguelph.ca (Postfix) with ESMTP id 8E349B3F0B; Fri, 4 Jan 2013 08:30:20 -0500 (EST) Date: Fri, 4 Jan 2013 08:30:20 -0500 (EST) From: Rick Macklem To: "O. Hartmann" Message-ID: <416983367.1668162.1357306220561.JavaMail.root@erie.cs.uoguelph.ca> In-Reply-To: <50E6AB65.5030309@zedat.fu-berlin.de> Subject: Re: r245005M: NFSv4 usermapping not working anymore MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [172.17.91.202] X-Mailer: Zimbra 6.0.10_GA_2692 (ZimbraWebClient - FF3.0 (Win)/6.0.10_GA_2692) Cc: Current FreeBSD X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2013 13:30:22 -0000 O. Hartmann wrote: > Since yesterday's update and buildworld on two FreeBSD 10.0-CURRENT > boxes, i realize a strange behaviour. I have one server exporting via > NFSv4 several ZFS volumes. The UID mapping went pretty well so far, > but > with a reboot of yesterday (after a buildworld), files are seen with > uid > root:wheel and users are no longer seen. > You might want to check (ifconfig -a) and see that there is a mapping for 127.0.0.1 for lo. That is what is used to do the upcall to nfsused and some systems have had this missing recently. (I had the impression that the problem was caused by r244678, which was reverted by r244989, but maybe your system still has that issue.) Here's basically how it works, which may help with diagnosing what is going on: - when the nfsuserd starts up, it pushes a DNS domain (usually the hostname with the first component stripped off) plus a couple of hundred mappings acquired via getpwent()/getgrent() into the kernel cache. (The easiest way to break it for all users is to have the wrong DNS domain name. "man nfsuserd" gives you a command line option that can override the default of using the hostname.) - Then the nfsuserd waits for upcalls for cache misses and pushes mappings for those requests into the kernel. - The cache entries time out with a rather long default of 1hr. To get entries, nfsused just uses the getpwent() and getgrent() libc calls, so it depends on whatever you have configured for that via /etc/nsswitch.conf. I'll grab a new kernel and do a quick test, to see if it works ok for me. (The most recent commit related to this is r240720, which added support to the client for numeric uids/gids in the string on the wire. This change should not have affected the server.) Good luck with it, rick > The server and client in question are > > server: FreeBSD 10.0-CURRENT #2 r245005M: Thu Jan 3 20:25:00 CET 2013 > client: FreeBSD 10.0-CURRENT #2 r245005M: Thu Jan 3 20:27:25 CET 2013 > > I think this is not supposed to be that way. Another box, our lab's > server, doesn't show this phenomenon (but at the moment I have only > the > opportunity to check with a FreeBSD 9.1-STABLE client). This specific > server is > > server-1: FreeBSD 10.0-CURRENT #0 r244957: Wed Jan 2 12:06:13 CET 2013 > > By the way, can someone give me a hint why some boxes show up with an > attached "M" to the SVN revision number (like r245005M)? > > Thanks, > > oh