Hello -
I'm migrating an old NFS server to newer hardware. /etc/exports in the old environment looks like this:
/shares/IMSHCS01 *(rw,insecure,sync,no_root_squash,all_squash,mapping=identity,anonuid=0,anongid=0
So the old system is exporting the directory, /shares/IMSHCS01 to anyone and everyone who wants to connect, with a bunch of switches essentially making it wide open.
Wonderful.
But on the new system, when I set up /etc/exports the same way, I get this error:
[root@nfs2013 etc]# exportfs -av exportfs: /etc/exports:1: unknown keyword "mapping=identity"
[root@nfs2013 etc]#
Getting rid of "mapping=identity", my shared directory exports just fine.
I can find no mention of "mapping=identity" in any man pages, but several google references show this option in pasted-in copies of /etc/exports files. My hunch is, this is an obsolete option and no longer supported - but what did it do in case my new server needs to behave the same way the old server behaved?
Thanks
- Greg Scott
Any takers on this?
thanks
- Greg
-----Original Message----- From: users-bounces@lists.fedoraproject.org [mailto:users-bounces@lists.fedoraproject.org] On Behalf Of Greg Scott Sent: Saturday, February 16, 2013 3:10 PM To: 'users@lists.fedoraproject.org' Subject: What does "mapping=identity" mean in /etc/exports?
Hello -
I'm migrating an old NFS server to newer hardware. /etc/exports in the old environment looks like this:
/shares/IMSHCS01 *(rw,insecure,sync,no_root_squash,all_squash,mapping=identity,anonuid=0,anongid=0
So the old system is exporting the directory, /shares/IMSHCS01 to anyone and everyone who wants to connect, with a bunch of switches essentially making it wide open.
Wonderful.
But on the new system, when I set up /etc/exports the same way, I get this error:
[root@nfs2013 etc]# exportfs -av exportfs: /etc/exports:1: unknown keyword "mapping=identity"
[root@nfs2013 etc]#
Getting rid of "mapping=identity", my shared directory exports just fine.
I can find no mention of "mapping=identity" in any man pages, but several google references show this option in pasted-in copies of /etc/exports files. My hunch is, this is an obsolete option and no longer supported - but what did it do in case my new server needs to behave the same way the old server behaved?
Thanks
- Greg Scott
Greg Scott wrote:
Hello -
I'm migrating an old NFS server to newer hardware. /etc/exports in the old environment looks like this:
/shares/IMSHCS01 *(rw,insecure,sync,no_root_squash,all_squash,mapping=identity,anonuid=0,anongid=0
So the old system is exporting the directory, /shares/IMSHCS01 to anyone and everyone who wants to connect, with a bunch of switches essentially making it wide open.
Wonderful.
But on the new system, when I set up /etc/exports the same way, I get this error:
[root@nfs2013 etc]# exportfs -av exportfs: /etc/exports:1: unknown keyword "mapping=identity"
[root@nfs2013 etc]#
Getting rid of "mapping=identity", my shared directory exports just fine.
I can find no mention of "mapping=identity" in any man pages, but several google references show this option in pasted-in copies of /etc/exports files. My hunch is, this is an obsolete option and no longer supported - but what did it do in case my new server needs to behave the same way the old server behaved?
I believe this is some arcane invocation of idmapd functionality. Going back to SunOS memories, it took the user name (or perhaps number) as trusted and allowed you to access things if your usernum was the same on the client. Understand that Solaris replaced SunOS about 20 years ago, and don't put full faith in my memory.
In any case, if you have the same UID on all machines you will probably be fine, but otherwise you will have to build a config file and run idmapd. The documentation sucks, it isn't you, but "man idmapd" will get you started.
Hi Bill running Fedora 18, I tried:
# rpm -q idmapd package idmapd is not installed
then:
# yum install idmapd Loading mirror speeds from cached hostfile * fedora: ftp.linux.ncsu.edu * livna: rpm.livna.org * rpmfusion-free: mirror.us.leaseweb.net * rpmfusion-free-updates: mirror.us.leaseweb.net * rpmfusion-nonfree: mirror.us.leaseweb.net * rpmfusion-nonfree-updates: mirror.us.leaseweb.net * updates: mirror.metrocast.net No package idmapd available. Error: Nothing to do
Any suggestions?
Thanks
----- Original Message ----- Greg Scott wrote:
Hello -
I'm migrating an old NFS server to newer hardware. /etc/exports in the old environment looks like this:
/shares/IMSHCS01 *(rw,insecure,sync,no_root_squash,all_squash,mapping=identity,anonuid=0,anongid=0
So the old system is exporting the directory, /shares/IMSHCS01 to anyone and everyone who wants to connect, with a bunch of switches essentially making it wide open.
Wonderful.
But on the new system, when I set up /etc/exports the same way, I get this error:
[root@nfs2013 etc]# exportfs -av exportfs: /etc/exports:1: unknown keyword "mapping=identity"
[root@nfs2013 etc]#
Getting rid of "mapping=identity", my shared directory exports just fine.
I can find no mention of "mapping=identity" in any man pages, but several google references show this option in pasted-in copies of /etc/exports files. My hunch is, this is an obsolete option and no longer supported - but what did it do in case my new server needs to behave the same way the old server behaved?
I believe this is some arcane invocation of idmapd functionality. Going back to SunOS memories, it took the user name (or perhaps number) as trusted and allowed you to access things if your usernum was the same on the client. Understand that Solaris replaced SunOS about 20 years ago, and don't put full faith in my memory.
In any case, if you have the same UID on all machines you will probably be fine, but otherwise you will have to build a config file and run idmapd. The documentation sucks, it isn't you, but "man idmapd" will get you started.
Meanwhile, we went into production with the new NFS server and updated /etc/exports file last weekend. The app that depends on the NFS server seems to be working just fine. But in my case, the whole thing is wide open and the app doesn't seem to care a whole lot about mapping user identities. Since it ain't broke, I don't think I'll try to fix it.
I believe this is some arcane invocation of idmapd functionality. Going back to SunOS memories, it took the user name (or perhaps number) as trusted and allowed you to access things if your usernum was the same on the client. Understand that Solaris replaced SunOS about 20 years ago, and don't put full faith in my memory.
In any case, if you have the same UID on all machines you will probably be fine, but otherwise you will have to build a config file and run idmapd. The documentation sucks, it isn't you, but "man idmapd" will get you started.
- Greg
On 02/16/13 22:09, Greg Scott wrote:
Hello -
I'm migrating an old NFS server to newer hardware. /etc/exports in the old environment looks like this:
/shares/IMSHCS01 *(rw,insecure,sync,no_root_squash,all_squash,mapping=identity,anonuid=0,anongid=0
So the old system is exporting the directory, /shares/IMSHCS01 to anyone and everyone who wants to connect, with a bunch of switches essentially making it wide open.
Wonderful.
But on the new system, when I set up /etc/exports the same way, I get this error:
[root@nfs2013 etc]# exportfs -av exportfs: /etc/exports:1: unknown keyword "mapping=identity"
[root@nfs2013 etc]#
Getting rid of "mapping=identity", my shared directory exports just fine.
I can find no mention of "mapping=identity" in any man pages, but several google references show this option in pasted-in copies of /etc/exports files. My hunch is, this is an obsolete option and no longer supported - but what did it do in case my new server needs to behave the same way the old server behaved?
Probably related to the unfsd[1]. iSeries? ;)
[1] http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=74a8f33de5f2...
Cheers, poma
On 02/20/13 18:55, ergodic wrote:
Hi Bill running Fedora 18, I tried:
# rpm -q idmapd package idmapd is not installed
then:
# yum install idmapd Loading mirror speeds from cached hostfile
- fedora: ftp.linux.ncsu.edu
- livna: rpm.livna.org
- rpmfusion-free: mirror.us.leaseweb.net
- rpmfusion-free-updates: mirror.us.leaseweb.net
- rpmfusion-nonfree: mirror.us.leaseweb.net
- rpmfusion-nonfree-updates: mirror.us.leaseweb.net
- updates: mirror.metrocast.net
No package idmapd available. Error: Nothing to do
Any suggestions?
yum provides *bin*idmap | grep nfs :)
Cheers, poma
I just now checked this - sorry for the delayed response.
Probably related to the unfsd[1]. iSeries? ;)
Yes! This is an IBM AS/400 site. The AS400 is an NFS client. They run an app that uses an NFS server to hold archives of images they need to keep handy. Several years ago, the original NFS server had some issues. I looked at its exports and replaced it with a RHEL NFS server with identical parameters. And then a couple weeks ago, I upgraded that now aging RHEL server with a newer piece of hardware and RHEL 6.3. This was when mapping=identity broke.
- Greg
-
Bill Davidsen -
ergodic -
Greg Scott -
poma