Migrating from NFSv3 to v4 - NFSv4 ACL/permission confusion
Joe Auty
joe at netmusician.org
Mon Dec 6 23:21:17 UTC 2010
Rick Macklem wrote:
>> I might be misunderstanding you, but ZFS definitely supports NFSv3
>> because I've been mounting and using NFS volumes via this protocol
>> version for quite some time now without incident.
>>
> Yep, but you couldn't do a getfacl or setfacl in the client to
> manipulate the ACLs. On an NFSv4 mount, you should be able to do
> a getfacl or setfacl if the volume on the server supports NFSv4 ACLs.
>
> I suspect the failing "chown" doesn't have anything to do with ACLs.
> (It might be that the server doesn't know "joe" as a user, for example.
> In NFSv3, it would have sent "joe's" uid to the server, which is just
> a number it always trusts. For NFSv4, it will have sent "joe@<your.domain>"
> to the server and the NFS server must then know "joe" so it can turn
> that into "joe's" uid.)
>
> It just hit me that you said "joe" was a local user in the client?
> (For NFSv4 to work, the user names must be in the server's passwd
> database as well. Usually all the clients and servers share the
> same user and group databases via LDAP or NIS, but you can just
> copy /etc/passwd and /etc/group entries around, if you like.
> After updating the server's /etc/passwd or /etc/group, I don't
> know what you need to do to get Solaris's NFSv4 server to see the
> update. I always just reboot it. For a FreeBSD server, it should
> find additions. For deletions or changes to an entry, you can
> either wait for it to time out the cache or kill/restart the nfsuserd.)
>
> rick
>
Aha! Progress...
This requirement is problematic for me right now for a variety of
reasons including that I'm not using LDAP or NIS (although I will in the
future). Is there anyway to get NFSv4 to behave like v3 in this respect
so that these users don't need to exist on the NFS server side?
--
Joe Auty, NetMusician
NetMusician helps musicians, bands and artists create beautiful,
professional, custom designed, career-essential websites that are easy
to maintain and to integrate with popular social networks.
www.netmusician.org <http://www.netmusician.org>
joe at netmusician.org <mailto:joe at netmusician.org>
More information about the freebsd-fs
mailing list