LinuxQuestions.org


sree.m 03-02-2013 05:25 AM

Unable to change ownership of NFSv4 shared directory in redhat linux 6.3
 
Hi there,

I'm stuck with a weird problem here. Request your help.

I have enabled NFSv4 on one of my RHEL 6.3 servers and mounted the same on a RHEL 6.3 client. Now I wish to change the ownership of one of the files in the NFS shared directory, which is being prevented by the OS. Following is the error I received when I tried to do so.

Code:

[root@cialqec os_pkgs]# chown crqadm.dba ss
chown: changing ownership of `ss': Invalid argument

Errors received in /var/log/messages in both client and server are

SERVER
Code:

Mar  2 16:48:06 cialdec rpc.idmapd[27958]: nss_getpwnam: name 'crqadm' not found in domain 'cok.aero'

CLIENT
Code:

Mar  2 15:29:23 cialqec kernel: NFS: v4 server 10.10.10.31 does not accept raw uid/gids. Reenabling the idmapper.

Seems like it is unable to map the user id of client in the server.

Please post a solution. Thanks in advance.

Rgrds,
Sreejith

netnix99 03-03-2013 02:01 PM

Sreejith,

What method of authentication are you using for the server and client? Unless you are using something like LDAP or NIS to authenticate all of the machines to a single source, you cannot change the permissions on an NFS share. If you are using one of the authentication methods I mentioned, the root user on the client machine that you are logged in to will have to have root permissions on the NFS share in order to change the owner of a file. This may sound odd, but root on one machine is not root on another without explicitly specifying that authority on the NFS share from the server. On the client machine, "root" will be seen as nfsnobody. You can test this by creating a file on the share and seeing what permissions you actually have.

HTH....if you still have trouble, please give more details about the current setup for clarity.

sree.m 03-03-2013 11:14 PM

Thanks for your valuable reply.

I'm very new to the terms LDAP and NIS. It would be of great help if you could give me more clarity on how to set up NIS/LDAP on server and client, and why it is required.

Regards,
Sreejith

chrism01 03-03-2013 11:23 PM

They're not necessarily required; they are centralised authentication systems instead of using local (per machine) authentication.
LDAP is similar (ish) to MSWin AD.
NIS is a simpler equivalent, and not much used as it's strictly plaintext.

With NFS, the uid (not the username) must match on both ends of the connection.
(Also gid if using group perms)
See Chap 18 http://www.linuxtopia.org/online_boo...ion/index.html.

This site has howtos for the various protocols http://www.linuxhomenetworking.com/

sree.m 03-04-2013 12:21 AM

Hi,

I am a little more familiar with Solaris NFS, wherein this id mapping will happen automatically. No NIS or LDAP is needed.

Now here in Linux, the scenario is: I have an NFS server with a few user names with UIDs 501, 502, 503, and in the NFS client I have different user names with the same UIDs as on the server.

In the NFS client, I need to change the ownership of a directory in the NFS share from root to user1 (UID 501). In the NFS server, UID 501 is mapped to user3.

Can you suggest me a way forward?

Thanks,
Sreejith

chrism01 03-04-2013 04:08 AM

id mapping is not automatic; it's a requirement of NFS that they (uids, gids) be the same to effect normal usage, so the Admins will arrange that.
Normally NFS exports are created such that the client root id is downgraded (option root_squash); often as 'nfsnobody' or 'nobody' username, uid typically 65536 or some such.
It's not a good idea to allow remote root users access to the server.

Since ownerships can only be set by root, ownerships need to be changed at the server end.

See those links of mine.

sree.m 03-04-2013 09:39 AM

Thanks chrism01 for your advice.

But the NFS shared directory is for taking DB-level backups from all clients where it is mounted. So the ownership of the directory must be set to the DB backup user name, which differs between clients. Can you give me a solution/workaround to achieve this?

Rgrds,
Sreejith

chrism01 03-04-2013 09:53 PM

In that case, I'd create (on the SERVER) a dedicated DB_backup gid and make that the gid of the (SERVER) export. Create the same gid on the clients and you're gold :)
Remember that a user can be a member of multiple groups.

sree.m 03-06-2013 11:26 PM

Very good advice. Thank you so much.

Rgrds,
Sreejith
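
Added example, not part of any post in this thread: a shell check over `getent passwd` / `getent group` dumps from the server and a client that reports the two conditions discussed above (an account name the server cannot resolve, and a uid owned by different accounts on each side) and confirms that a shared backup group has the same gid on both ends. The sample data, the `dbbackup` group name, gid 600 and the uid floor of 500 are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Inputs are `getent passwd` / `getent group`
# dumps taken on the NFS server and on a client.

# idmap_diff SERVER_PASSWD CLIENT_PASSWD -> one finding per line
idmap_diff() {
    awk -F: '
        FILENAME == ARGV[1] { srv_name[$3] = $1; srv_has[$1] = 1; next }
        $3 < 500 { next }   # assumption: regular accounts start at 500 (RHEL 6 default)
        # Name unknown to the server: idmapd there cannot resolve name@domain.
        !($1 in srv_has) { print "MISSING_ON_SERVER " $1 }
        # Same number, different account: the file shows a different owner on each side.
        ($3 in srv_name) && srv_name[$3] != $1 {
            print "UID_NAME_MISMATCH " $3 " server=" srv_name[$3] " client=" $1
        }
    ' "$1" "$2"
}

# shared_gid_ok GROUP SERVER_GROUP CLIENT_GROUP
# True only when GROUP exists on both sides with the same numeric gid.
shared_gid_ok() {
    s=$(awk -F: -v g="$1" '$1 == g { print $3; exit }' "$2")
    c=$(awk -F: -v g="$1" '$1 == g { print $3; exit }' "$3")
    [ -n "$s" ] && [ "$s" = "$c" ]
}

# Constructed sample data mirroring the thread: uid 501 is user3 on the server and
# user1 on the client; crqadm exists only on the client. "dbbackup"/gid 600 is hypothetical.
d=$(mktemp -d)
printf '%s\n' 'root:x:0:0::/root:/bin/bash' 'user3:x:501:501::/home/user3:/bin/bash' > "$d/srv.passwd"
printf '%s\n' 'root:x:0:0::/root:/bin/bash' 'user1:x:501:501::/home/user1:/bin/bash' \
    'crqadm:x:502:502::/home/crqadm:/bin/bash' > "$d/cli.passwd"
printf '%s\n' 'dbbackup:x:600:user3' > "$d/srv.group"
printf '%s\n' 'dba:x:502:crqadm' 'dbbackup:x:600:user1,crqadm' > "$d/cli.group"

idmap_diff "$d/srv.passwd" "$d/cli.passwd"
for g in dba dbbackup; do
    if shared_gid_ok "$g" "$d/srv.group" "$d/cli.group"; then
        echo "group $g: same gid on both sides"
    else
        echo "group $g: missing or gid differs"
    fi
done
```

On real hosts, feed it the output of `getent passwd` and `getent group` saved from each machine instead of the constructed files.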


All times are GMT -5.