Date: Sat, 31 Jul 2010 21:58:01 -0400 (EDT) From: Rick Macklem <rmacklem@uoguelph.ca> To: Joe Auty <joe@netmusician.org> Cc: freebsd-fs@freebsd.org Subject: Re: NFSv4 permissions issues Message-ID: <235033195.215985.1280627881678.JavaMail.root@erie.cs.uoguelph.ca> In-Reply-To: <4C54C8E0.8020504@netmusician.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[stuff snipped for brevity] > At the time the user/groups were showing up as root:joe. > Ok, so an "ls -lg" on the NFSv4 mounted volume showed the files owned by root/joe? If so, nfsuserd seems to be working. Does root and joe have the same uid and gid #s on the client and server. NFSv4 will be pickier about the gid, so make sure joe is in both the client and server as the same gid#. > Is snoop trace an strace? > I was referring to using snoop to capture packets and then look at them. On Solaris I use something like: # snoop -q -o xx.cap host <client_host> - I run an offending command(s), then kill the above and: # snoop -t r -v -i xx.cap > xx The file "xx" now has a verbose description of the packets. Take a look at the AUTH_SYS part of the RPC header (where the uid and gids live) and the various attributes in the request that probably failed with NFS4ERR_ACCESS. Alternately, you can use wireshark. (tcpdump knows diddly about NFSv4, so it can only be used for the packet capture and not the analysis. rick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?235033195.215985.1280627881678.JavaMail.root>