NFSv4 nobody issue

Loïc Blot loic.blot at unix-experience.fr
Mon Oct 13 08:10:08 UTC 2014 

Hi,
i tryed some other things

User nobody (65534)
-> chown nobody /usr/jail/test.file => problem

Group nogroup (65533)
-> chown :nogroup /usr/jail/test.file => same problem

Group nobody (65534)
-> chown :nobody /usr/jail/test.file => no problem

Change user nobody UID from 65534 to 65533 => same problem. It's not a UID number problem but a name problem.

Then, user nobody and group nogroup (not the integer values) are problematic. I looked at nfsuserd.c and i see:
u_char *defaultuser = "nobody";
u_char *defaultgroup = "nogroup";

I think it's related.

Regards,

Loïc Blot,
UNIX Systems, Network and Security Engineer
http://www.unix-experience.fr

13 octobre 2014 09:15 "Loïc Blot" <loic.blot at unix-experience.fr> a écrit: 
> Hi,
> of course i have it. On each node:
> 
> # cat /etc/master.passwd | grep nobody
> returns:
> nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
> 
> It's why i do a report here :)
> 
> Regards,
> 
> Loïc Blot,
> UNIX Systems, Network and Security Engineer
> http://www.unix-experience.fr
> 
> 10 octobre 2014 13:51 "Rick Macklem" <rmacklem at uoguelph.ca> a écrit:
> 
>> Loic Blot wrote:
>> 
>>> Hello @freebsd-fs,
>>> i'm trying to do jail hosting over NFSv4 with ezjail and i'm
>>> experimenting an issue that i can't resolve. When i extract
>>> base.txz (with ezjail) or i set nobody user on a file, i have this
>>> error:
>>> 
>>> chown nobody:nobody /usr/jails/fulljail/mnt/
>>> No name and/or group mapping for uid,gid:(65534,65534)
>>> chown: /usr/jails/fulljail/mnt/: Operation not permitted
>>> 
>>> No problem if i set:
>>> chown mysql:nobody /usr/jails/fulljail/mnt/
>>> 
>>> Problem appears on all files.
>> 
>> Do you have a user by the name of "nobody" in your password database?
>> (NFSv4 uses names and not numbers on the wire, so no name-->no mapping
>> and chown can't be done.)
>> 
>> rick
>> 
>>> On my ZFS+NFSv4 server i do a dataset, exported in NFS
>>> 
>>> /etc/exports:
>>> V4: /
>>> 
>>> zfs get sharenfs pool/jails:
>>> -network=10.99.99.0 -mask=255.255.255.0 -maproot=root
>>> 
>>> nfsuserd and nfsv4_server_enable=YES on both client and server, plus
>>> nfsbcd on client.
>>> 
>>> On the client here is the fstab entry
>>> 10.99.99.99:/pool/jails /usr/jails nfs rw,nfsv4 0 0
>>> 
>>> What i'm doing wrong ?
>>> 
>>> Thanks in advance
>>> Regards,
>>> 
>>> Loïc Blot,
>>> UNIX Systems, Network and Security Engineer
>>> http://www.unix-experience.fr 
>>> _______________________________
>>> 
>>> freebsd-fs at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-fs
>>> To unsubscribe, send any mail to "freebsd-fs-unsubscribe at freebsd.org"
> 
> _______________________________
> 
> freebsd-fs at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-fs
> To unsubscribe, send any mail to "freebsd-fs-unsubscribe at freebsd.org"

More information about the freebsd-fs mailing list