Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 18 Sep 2020 17:08:05 -0700
From:      "Russell L. Carter" <rcarter@pinyon.org>
To:        freebsd-current@freebsd.org
Subject:   Re: Documentation regarding NFSv4
Message-ID:  <df6efc1a-8389-be69-a5c5-b2c63e8c8cc1@pinyon.org>
In-Reply-To: <YTBPR01MB3966BDEAE81A05586086E345DD3F0@YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM>
References:  <20200918185319.7o27ciyviwdyhr7v@mutt-hbsd> <YTBPR01MB3966AFCC1828D45D85041BF5DD3F0@YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM> <YTBPR01MB3966BDEAE81A05586086E345DD3F0@YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 2020-09-18 16:28, Rick Macklem wrote:
 > Oh, and I forgot to mention name<->id# mapping.
 > If using AUTH_SYS (not kerberos), then you have the
 > choice of running "nfsuserd" or setting these two sysctls to 1.
 > vfs.nfs.enable_uidtostring=1
 > vfs.nfsd.enable_stringtouid=1
 > --> This makes the server just handle id#s (uid, gid) as numbers in
 >         a string. (This is the default for Linux these days although 
it was
 > '       frowned upon in the early days.)
 >
 > Running nfsuserd maps uid, gid numbers to/from names using the
 > password and group databases. This must be used for Kerberos mounts.
 >
 > Without the above properly configured, you'll see lots of files owned
 > by "nobody" on the client mounts.

Those sysctls are interesting.  I wasn't aware of them and so I run
nfsuserd.  What do they do, practically speaking?  My understanding,
likely wrong, is that nfsuserd should allow different uid/gid
server->client mappings, possibly different for different clients.

However I still had to sync uid/gids across machines even though they
are all running nfsuserd.  Didn't disable nfsuserd because... system
is working... DFWI.

Anyway, naked FreeBSD-stable nfsv4 is rock solid in a clamped down
arena with a variety of FreeBSD and Debian clients.  Kudos.

Thanks,
Russell

 > rick
 >
 > ________________________________________
 > From: Rick Macklem <rmacklem@uoguelph.ca>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?df6efc1a-8389-be69-a5c5-b2c63e8c8cc1>