Why is file ownership inconsistent between two systems mounting the same NFS share?
Solution 1
Remember that each of the NFS client systems will determine the username by looking up the numerical UID locally using the local system's /etc/passwd, or in your centralized user database. The NFS server only stores the UID in numerical format, and does not know about usernames. This is also true for group names vs. GIDs.
In your case, serverA and serverB must have different usernames listed in /etc/passwd
To test this, use ls -n
to display user and group IDs numerically, rather than converting to a user or group name in a long (-l) output. If the ls -n
option is not available on AIX, consult the manpage for this feature.
To see the username-to-uid mapping, do one of the following on both serverA and serverB.
grep $THEUSERID /etc/passwd
Or, it's a good habit to use getent
, since it works with /etc/password, and directory services (LDAP, etc.):
getent passwd $THEUSERID
The UIDs should be the same on both systems, but the usernames will be different.
Solution 2
You've come up against what I call the Number 1 rule of NFS exporting:
Never export a mount as writable to a client unless that client uses the same UID mapping as the server does.
In order words, the file server owner should demand that all potential NFS clients use the same centralized user database (NIS, NIS+, LDAP, Kerberos, etc).
Solution 3
I've also encountered your problem and managed to solve it with this:
Indeed, NEED_IDMAPD
was not set in the file /etc/default/nfs-common
on the client side.
Setting NEED_IDMAPD=yes
on the client as well resolved the issue. Now client correctly shows user names and groups.
Related videos on Youtube
Alvin Sim
Updated on September 17, 2022Comments
-
Alvin Sim almost 2 years
I have one IBM AIX server (serverA) which is connected to the san storage. I have created a volume group and also file system (jfs2) and mounted to directory /profit.
After that I created a NFS share for that directory and started the NFS daemon.
Over at another server, which is IBM AIX also (serverB), I created a mount point /profit and mounted the nfs share from serverA to serverB using the below command: mount 192.168.10.1:/profit /profit
On serverB, I am able to access the directory and list the files in it. But the strange thing is, on serverA, the directory and files are under the oracle user ownership. But in serverB, i see them as a different user.
When I touch a file in that directory at serverB, on serverA, I see it as another user id.
Any clue how I can fix this?
Below is the file listing from serverB
$ ls -l total 0 -rwxrwxrwx 1 root system 0 Mar 16 15:00 haha -rwxrwxrwx 1 radiusd radiusd 0 Mar 16 15:19 haha2 -rwxrwxrwx 1 radiusd radiusd 0 Mar 16 15:31 haha3 -rw-r--r-- 1 oracle oinstall 0 Mar 17 2011 hahah3 drwxrwxrwx 2 radiusd radiusd 256 Mar 16 14:40 lost+found
On serverA it looks like below:
# ls -l /profit total 0 -rwxrwxrwx 1 root system 0 Mar 16 15:00 haha -rwxrwxrwx 1 oracle dba 0 Mar 16 15:19 haha2 -rwxrwxrwx 1 oracle dba 0 Mar 16 15:31 haha3 -rw-r--r-- 1 10 sshd 0 Mar 17 16:01 hahah3 drwxrwxrwx 2 oracle dba 256 Mar 16 14:40 lost+found
Below is the /etc/exports file from serverA
# more /etc/exports /profit -vers=3,sec=sys:krb5p:krb5i:krb5:dh,rw
Thanks.
-
forcefsck over 13 yearsThe filesystem doesn't store username info, it only stores the user identifier (UID). In your case, the serverA has a different "username to user id" mapping than serverB.
-
-
mattdm over 13 years(Not necessarily /etc/passwd. Could come from a centralized directory service — which is basically mandatory for sanity on any large deployment of NFS.)
-
Mark Norgren over 13 yearsYes, very true.