FreeBSD 11.2-RELEASE - mountd problem - mountd[1056]: unknown user: root
John Newman
jnn at synfin.org
Wed Jul 25 13:40:51 UTC 2018
Hello -
I'm having a problem with one of my FreeBSD NFS servers. It's an
11.2-RELEASE box (upgraded fairly recently from 10.1), and actually
we had the same issue even when it was on 10.x.
Basically, what is happening is several of my NFS exports that are
configured with "-maproot=root" (and they are actually ZFS NFS
exports, in /etc/zfs/exports, configured with the 'zfs set
sharenfs="..."' command - if that matters, which I don't think it
does) are generating the following error messages when the machine
first boots up -
Jul X 15:19:58 nfs5 mountd[1094]: unknown user: root
Jul X 15:19:58 nfs5 mountd[1094]: message repeated 14 times: [ unknown
user: root]
To fix the issue, I simply HUP the mountd process. Until I HUP the
mountd process, none of the clients that depend on being able to
write to their NFS shares as root work properly - they are read-only.
As soon as I HUP mountd, the issue goes away, no more "unknown user:
root" errors, and the mounts become writable for their clients.
I think this is tied into the fact this box uses sssd for LDAP
authentication, because I don't see this issue on another 11.2
machine configured very similarly that isn't using sssd. The LDAP
authentication works fine, the relevant lines in /etc/nsswitch.conf
look like -
$ grep sss /etc/nsswitch.conf
group: sss files
passwd: sss files
It feels like this may be some sort of ordering issue with the start
up scripts - mountd running before sssd is running? But why doesn't
it fall back to "files" and find root that way? We do *not* have a
root user in our ldap directory anyway. Someone on IRC has suggested
that I should swap the "sss files" to "files sss", but I'm not sure
if this would help or not... For now, I simply added the following
work-around to my /etc/rc.local:
kill -s HUP `cat /var/run/mountd.pid`
Has anyone seen a similar issue, or have any ideas? I CC'd Rick
because I understand he is the NFS maintainer.
thanks,
John
--
GPG fingerprint: 17FD 615A D20D AFE8 B3E4 C9D2 E324 20BE D47A 78C7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20180725/d4fe35b6/attachment.sig>
More information about the freebsd-stable
mailing list