
Re: NFS drive uids/gids completely broken- for a little while



briand@aracnet.com wrote:
> This is a weird one.

That is a little weird that it was a transient glitch of a failure.

> Tried to use ssh and saw a "bad permissions" error on my .ssh/config file.
> 
> I do ls -l and i see uids/gids of 2^32-1 or a similar very large integer.
> 
> WTF ?!

Are you using --manage-gids?

  root@fs:~# grep manage-gids /etc/default/nfs-kernel-server 
  RPCMOUNTDOPTS=--manage-gids

  $ man rpc.mountd

   -g  or  --manage-gids
      Accept requests from the kernel to map user id numbers into
      lists of group id numbers for use in access control.  An NFS
      request will normally (except when using Kerberos or other
      cryptographic authentication) contains a user-id and a list of
      group-ids.  Due to a limitation in the NFS protocol, at most 16
      groups ids can be listed.  If you use the -g flag, then the list
      of group ids received from the client will be replaced by a list
      of group ids determined by an appropriate lookup on the
      server. Note that the 'primary' group id is not affected so a
      newgroup command on the client will still be effective.  This
      function requires a Linux Kernel with version at least 2.6.21.

That is normal for an NIS/yp environment.  But it means that uid
lookups are done over the network.  A transient network would return
-1 error codes for all of the numbers.  It will make user ids appear
to be -1.

> So i go back to the server to make sure the ownership hasn't been
> borked some way and everything is fine.
> 
> I go back to my account on the client, do 'ls -l' again, and
> everything is as it should be.
> 
> WTF ?!

I am thinking it was a transient network failure coupled with the
above --manage-gids setting.

> 1 my NFS drives are mounted at boot. i've noticed that i get errors
> about something not being ready, or auto mounting being a problem,
> but up until now i haven't seen any real problems.
> 
> 2 i can't look at those boot messages i see in 1.  why is it that a
> permanent method, installed by DEFAULT has never been implemented to
> look at boot messages ?

I don't know either.  I always install bootlogd since it was split
into a separate package.

Bob
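
An added example, not part of the original message: a small Python scanner that flags files whose owner or group is a failed-lookup sentinel, so the transient state described above can be caught from the client while it lasts. The paths and ids in `SAMPLE` are constructed, and treating `(uid_t)-2` as an unmapped "nobody" id is an assumption about what "a similar very large integer" was.

```python
import os
import sys

def as_uid_t(value):
    """Reinterpret a signed 32-bit value as the unsigned 32-bit id that ls -l prints."""
    return value & 0xFFFFFFFF

# Ids that point to a failed or unmapped lookup rather than a real account.
SENTINELS = {
    as_uid_t(-1): "(uid_t)-1: id lookup returned an error",
    as_uid_t(-2): "(uid_t)-2: unmapped 'nobody' id (assumption)",
}

def flag_unmapped(records):
    """records: iterable of (path, uid, gid); returns (path, field, id, reason) hits."""
    hits = []
    for path, uid, gid in records:
        for field, ident in (("uid", uid), ("gid", gid)):
            if ident in SENTINELS:
                hits.append((path, field, ident, SENTINELS[ident]))
    return hits

def walk_owners(root):
    """Yield (path, uid, gid) for every entry under root, without following symlinks."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # entry vanished or the mount stalled; skip it
            yield path, st.st_uid, st.st_gid

# Constructed sample records standing in for an NFS-mounted home directory.
SAMPLE = [
    ("/home/user/.ssh/config", 4294967295, 4294967295),
    ("/home/user/.bashrc", 1000, 1000),
    ("/home/user/notes.txt", 1000, 4294967294),
]

if __name__ == "__main__":
    # With a directory argument, scan it; otherwise run over the constructed sample.
    records = walk_owners(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    for path, field, ident, reason in flag_unmapped(records):
        print(f"{path}: {field}={ident} {reason}")
```

Run it with the NFS mount point as the only argument; any output while `ls -l` on the server shows normal owners points at id mapping rather than at the files themselves.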
