NFS permission strangeness

Giulio Ferro auryn at
Thu Apr 15 14:28:14 UTC 2010

Here's the setup:
server : NFS server machine (fb 8 stable amd64 )
client : NFS client machine (as above)

server and client are both sharing the same permission database through 

Both have in /etc/nsswitch.conf
group: files ldap
passwd: files ldap

This issue isn't related to ldap, however. I get the same result if I 
manually add
groups to /etc/group file (read on)

Let's suppose I have user "giulio" configured in my system.
giulio is also part (-G) of groups:
group1, group2, group3, ... , group10

server is exporting the directory
/path/to/root (on zfs)

the directory
has permission 770 and group ownership "group3"

I login as user "giulio" on server I can enter "subdir1" directory, 
since I'm
member of group "group3"

I then login as user "giulio" on client, and I can do the same (as 

When groups are more than a few, however, I get this strange behavior:

let's suppose the directory:
has permission 770 and group ownership "group10"

What happens is that I can access "subdir2" on the server machine when I
login as "giulio", but when I try to access that same dir on the client 
I get:
$ cd /path/to/root/dir/etc
$ cd subdir2
subdir2/: Permission denied.

if I issue this command on the client:
$ id
I get :
uid=1000 (giulio), gid=1000 (giuliogroup), groups=group1(1001), 

So there shouldn't really be any reason for me not to be able to access 
that dir...

Any idea?

More information about the freebsd-net mailing list