Date: Mon, 06 Dec 2010 18:21:13 -0500 From: Joe Auty <joe@netmusician.org> To: Rick Macklem <rmacklem@uoguelph.ca> Cc: freebsd-fs@freebsd.org, =?ISO-8859-2?Q?Edward_Tomasz_Napiera=B3a?= <trasz@FreeBSD.org> Subject: Re: Migrating from NFSv3 to v4 - NFSv4 ACL/permission confusion Message-ID: <4CFD6FE9.4020406@netmusician.org> In-Reply-To: <1515785960.1261915.1291677440081.JavaMail.root@erie.cs.uoguelph.ca> References: <1515785960.1261915.1291677440081.JavaMail.root@erie.cs.uoguelph.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Rick Macklem wrote: >> I might be misunderstanding you, but ZFS definitely supports NFSv3 >> because I've been mounting and using NFS volumes via this protocol >> version for quite some time now without incident. >> > Yep, but you couldn't do a getfacl or setfacl in the client to > manipulate the ACLs. On an NFSv4 mount, you should be able to do > a getfacl or setfacl if the volume on the server supports NFSv4 ACLs. > > I suspect the failing "chown" doesn't have anything to do with ACLs. > (It might be that the server doesn't know "joe" as a user, for example. > In NFSv3, it would have sent "joe's" uid to the server, which is just > a number it always trusts. For NFSv4, it will have sent "joe@<your.domain>" > to the server and the NFS server must then know "joe" so it can turn > that into "joe's" uid.) > > It just hit me that you said "joe" was a local user in the client? > (For NFSv4 to work, the user names must be in the server's passwd > database as well. Usually all the clients and servers share the > same user and group databases via LDAP or NIS, but you can just > copy /etc/passwd and /etc/group entries around, if you like. > After updating the server's /etc/passwd or /etc/group, I don't > know what you need to do to get Solaris's NFSv4 server to see the > update. I always just reboot it. For a FreeBSD server, it should > find additions. For deletions or changes to an entry, you can > either wait for it to time out the cache or kill/restart the nfsuserd.) > > rick > Aha! Progress... This requirement is problematic for me right now for a variety of reasons including that I'm not using LDAP or NIS (although I will in the future). Is there anyway to get NFSv4 to behave like v3 in this respect so that these users don't need to exist on the NFS server side? -- Joe Auty, NetMusician NetMusician helps musicians, bands and artists create beautiful, professional, custom designed, career-essential websites that are easy to maintain and to integrate with popular social networks. www.netmusician.org <http://www.netmusician.org>; joe@netmusician.org <mailto:joe@netmusician.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CFD6FE9.4020406>