Table of Contents
Scope/Description
- This article will cover resolving an issue when mounting NFS shares that are not honoring the permissions when mounted on a NFS client.
Prerequisites
- Storinator or Cluster with a configured storage pool
- SSH access to the server or cluster
- Configured and accessible NFS share(s)
Diagnosis
- On the NFS client we can see the issue with the ownership by running a ls -al on the mounted directory. There will also be error messages located in /var/log/messages.
- To diagnose this issue, on the client, run the following command:
cat /var/log/messages | grep nss_getpwnam
The output from this command should be something similar to:
nfsidmap[11441]: nss_getpwnam: name ‘user@exampledomain.com’ does not map into domain ‘localdomain’
This tells us there is an issue with the NFS share not mapping the proper domain credentials when mounted.
Resolution
- To resolve this issue, we need to modify the /etc/idmapd.conf file with the proper domain(FQDN). This change needs to be made on both the client and the server.
- We need to change the #Domain variable to:
Be sure to uncomment(remove the #) before Domain.
- From here, we need to restart the idmap service and clear the cache.
- Restart the service
systemctl restart nfs-idmapd.service
Clear the cache
nfsidmap -c
Remount the share
mount -o remount /nfs/mount/point
Verification
Running a ls -al command should now list the shared files with the proper ownership users and groups.
Views: 1769