Unable to change ownership of NFSv4 shared directory in redhat linux 6.3
Hi there,
I'm stuck with a weird problem here. Request your help.
I have enabled NFSv4 on one of my RHEL 6.3 servers and mounted the same on a RHEL 6.3 client. Now I wish to change the ownership of one of the files in the NFS shared directory, which is being prevented by the OS. Following is the error I received when I try to do so.
Code:
[root@cialqec os_pkgs]# chown crqadm.dba ss
chown: changing ownership of `ss': Invalid argument
Errors received in /var/log/messages in both client and server are
SERVER
Code:
Mar 2 16:48:06 cialdec rpc.idmapd[27958]: nss_getpwnam: name 'crqadm' not found in domain 'cok.aero'
CLIENT
Code:
Mar 2 15:29:23 cialqec kernel: NFS: v4 server 10.10.10.31 does not accept raw uid/gids. Reenabling the idmapper.
Seems like it is unable to map the user id of client in the server.
What method of authentication are you using for the server and client? Unless you are using something like LDAP or NIS to authenticate all of the machines to a single source, you cannot change the permissions on an NFS share. If you are using one of the authentication methods I mentioned, the root user on the client machine that you are logged in to will have to have root permissions on the NFS share in order to change the owner of a file. This may sound odd, but root on one machine is not root on another without explicitly specifying that authority on the NFS share from the server. On the client machine, "root" will be seen as nfsnobody. You can test this by creating a file on the share and seeing what permissions you actually have.
HTH... if you still have trouble, please give more details about the current setup for clarity.
I'm very new to the terms LDAP and NIS. It will be of great help if you could give me more clarity on how to set up NIS/LDAP on server and client, and why is it required?
They're not necessarily required; they are centralised authentication systems instead of using local (per machine) authentication.
LDAP is similar (ish) to MSWin AD.
NIS is a simpler equivalent, and not much used as it's strictly plaintext.
I am a little more familiar with Solaris NFS, wherein this id mapping will happen automatically. No NIS or LDAP is needed.
Now here in Linux, the scenario is: I have an NFS server with a few user names of UIDs 501, 502, 503, and in the NFS client I have different user names with the same UIDs as in the server.
In the NFS client, I need to change the ownership of a directory in the NFS share from root to user1 (UID 501). In the NFS server UID 501 is mapped to user3.
id mapping is not automatic; it's a requirement of NFS that they (uids, gids) be the same to effect normal usage, so the Admins will arrange that.
Normally NFS exports are created such that the client root id is downgraded (option root_squash); often as 'nfsnobody' or 'nobody' username, uid typically 65536 or some such.
It's not a good idea to allow remote root users access to the server.
Since ownerships can only be set by root, ownerships need to be changed at the server end.
But the NFS shared directory is for taking db level backup from all clients where it is mounted. So the ownership of the directory must be set to the DB backup user name, which differs between clients. Can you give me a solution/workaround to achieve this?
In that case, I'd create (on the SERVER) a dedicated DB_backup gid and make that the gid of the (SERVER) export. Create the same gid on the clients and you're gold.
Remember that a user can be a member of multiple groups.
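Added example, not part of the thread: the server log above shows rpc.idmapd failing to resolve the client's name 'crqadm', and the last reply depends on the same group having the same gid on server and clients. This sketch compares passwd- or group-format listings from the two hosts and reports every entry that would map differently. The function name `idmap_diff`, the file contents, and all names and ids other than crqadm and user1/user3 at 501 are constructed for illustration.

```shell
#!/bin/sh
# idmap_diff SERVER_FILE CLIENT_FILE
# Both files use passwd/group layout: name:x:id:...
# Prints one line per client entry the server would not map the same way:
#   MISSING   name id         name unknown on the server (server-side name lookup fails)
#   MISMATCH  name cid sid    same name, different numeric id
#   SHARED-ID id cname sname  same numeric id, different name
idmap_diff() {
    awk -F: '
        /^#/ || NF < 3 { next }                       # skip comments, short lines
        FILENAME == ARGV[1] { sid[$1] = $3; sname[$3] = $1; next }   # server side
        !($1 in sid)                     { print "MISSING", $1, $3 }
        ($1 in sid) && sid[$1] != $3     { print "MISMATCH", $1, $3, sid[$1] }
        ($3 in sname) && sname[$3] != $1 { print "SHARED-ID", $3, $1, sname[$3] }
    ' "$1" "$2"
}

# Constructed sample data modelled on the thread: UID 501 is user3 on the
# server and user1 on the client; crqadm exists only on the client.
tmp=$(mktemp -d)
cat > "$tmp/server.passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
user3:x:501:501::/home/user3:/bin/bash
oracle:x:503:503::/home/oracle:/bin/bash
EOF
cat > "$tmp/client.passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
user1:x:501:501::/home/user1:/bin/bash
crqadm:x:502:502::/home/crqadm:/bin/bash
oracle:x:504:504::/home/oracle:/bin/bash
EOF

idmap_diff "$tmp/server.passwd" "$tmp/client.passwd"
```

On real hosts the two inputs would be the output of `getent passwd` or `getent group` saved on each machine; an empty result for the group listing means the shared backup gid is consistent.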