Date: Mon, 13 Oct 2014 08:10:02 +0000 From: "=?utf-8?B?TG/Dr2MgQmxvdA==?=" <loic.blot@unix-experience.fr> To: "Rick Macklem" <rmacklem@uoguelph.ca> Cc: freebsd-fs@freebsd.org Subject: Re: NFSv4 nobody issue Message-ID: <1ffeae65b7b297266ee2d59dc0289d07@mail.unix-experience.fr> In-Reply-To: <8ca92a8e507970c5bc3e34c31c30561e@mail.unix-experience.fr> References: <8ca92a8e507970c5bc3e34c31c30561e@mail.unix-experience.fr> <1738545148.62071361.1412941900737.JavaMail.root@uoguelph.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, i tryed some other things User nobody (65534) -> chown nobody /usr/jail/test.file => problem Group nogroup (65533) -> chown :nogroup /usr/jail/test.file => same problem Group nobody (65534) -> chown :nobody /usr/jail/test.file => no problem Change user nobody UID from 65534 to 65533 => same problem. It's not a UID number problem but a name problem. Then, user nobody and group nogroup (not the integer values) are problematic. I looked at nfsuserd.c and i see: u_char *defaultuser = "nobody"; u_char *defaultgroup = "nogroup"; I think it's related. Regards, Loïc Blot, UNIX Systems, Network and Security Engineer http://www.unix-experience.fr 13 octobre 2014 09:15 "Loïc Blot" <loic.blot@unix-experience.fr> a écrit: > Hi, > of course i have it. On each node: > > # cat /etc/master.passwd | grep nobody > returns: > nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin > > It's why i do a report here :) > > Regards, > > Loïc Blot, > UNIX Systems, Network and Security Engineer > http://www.unix-experience.fr > > 10 octobre 2014 13:51 "Rick Macklem" <rmacklem@uoguelph.ca> a écrit: > >> Loic Blot wrote: >> >>> Hello @freebsd-fs, >>> i'm trying to do jail hosting over NFSv4 with ezjail and i'm >>> experimenting an issue that i can't resolve. When i extract >>> base.txz (with ezjail) or i set nobody user on a file, i have this >>> error: >>> >>> chown nobody:nobody /usr/jails/fulljail/mnt/ >>> No name and/or group mapping for uid,gid:(65534,65534) >>> chown: /usr/jails/fulljail/mnt/: Operation not permitted >>> >>> No problem if i set: >>> chown mysql:nobody /usr/jails/fulljail/mnt/ >>> >>> Problem appears on all files. >> >> Do you have a user by the name of "nobody" in your password database? >> (NFSv4 uses names and not numbers on the wire, so no name-->no mapping >> and chown can't be done.) >> >> rick >> >>> On my ZFS+NFSv4 server i do a dataset, exported in NFS >>> >>> /etc/exports: >>> V4: / >>> >>> zfs get sharenfs pool/jails: >>> -network=10.99.99.0 -mask=255.255.255.0 -maproot=root >>> >>> nfsuserd and nfsv4_server_enable=YES on both client and server, plus >>> nfsbcd on client. >>> >>> On the client here is the fstab entry >>> 10.99.99.99:/pool/jails /usr/jails nfs rw,nfsv4 0 0 >>> >>> What i'm doing wrong ? >>> >>> Thanks in advance >>> Regards, >>> >>> Loïc Blot, >>> UNIX Systems, Network and Security Engineer >>> http://www.unix-experience.fr >>> _______________________________ >>> >>> freebsd-fs@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-fs >>> To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" > > _______________________________ > > freebsd-fs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-fs > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1ffeae65b7b297266ee2d59dc0289d07>