Bug 1129792

Summary: libnfsidmap: respect Nobody-User/Nobody-Group
Product: Red Hat Enterprise Linux 6
Reporter: Steve Dickson <steved>
Component: nfs-utils-lib
Assignee: Steve Dickson <steved>
Status: CLOSED ERRATA
QA Contact: JianHong Yin <jiyin>
Severity: unspecified
Priority: unspecified
Version: 6.7
CC: eguan, fs-qe, jherrman, salmy, yoyang
Target Milestone: rc
Hardware: All
OS: Linux
Fixed In Version: nfs-utils-lib-1.1.5-10
Doc Type: Bug Fix
Doc Text:
Prior to this update, the libnfsidmap library used "nobody@DEFAULTDOMAIN" when performing name lookup, but this did not match the behavior of the rpc.idmapd daemon. As a consequence, the nfsidmap utility did not properly handle situations when "nobody@DEFAULTDOMAIN" did not directly map to any user or group on the system. With this update, libnfsidmap uses the "Nobody-User" and "Nobody-Group" values in the /etc/idmapd.conf file when the default "nobody" user and group are set, and the described problem no longer occurs.
Last Closed: 2015-07-22 06:28:01 UTC
Type: Bug
Bug Depends On: 1129790

Description Steve Dickson 2014-08-13 16:52:13 UTC
Description of problem:

Previous behavior of libnfsidmap was to do a name lookup of
nobody@DEFAULTDOMAIN (for both user and group), which does not match
the behavior of rpc.idmapd.

This patch makes libnfsidmap respect Nobody-User/Nobody-Group for
lookups, thus making the nfsidmap utility properly handle the case if
nobody@DEFAULTDOMAIN does not directly map to any user/group on the
system.

How reproducible:
100%

Steps to Reproduce:
1. Uncomment Nobody-User in /etc/idmapd.conf and set it to a value.
2. Do an NFSv4 mount.
3. See what value is used when there is no valid id/gid mapping.

Additional info:

commit f139de79d91e7773b5b98fe5aca5570f77c7aee9
Author: Christian Seiler <christian>
Date:   Wed Aug 13 12:42:14 2014 -0400

    libnfsidmap: respect Nobody-User/Nobody-Group

Comment 5 JianHong Yin 2015-02-13 01:59:51 UTC
Verified by https://beaker.engineering.redhat.com/jobs/881544

Server:
[09:50:56 root@ ~~]# touch /home/qa/file_root
:: [   PASS   ] :: Running 'touch /home/qa/file_root' (Expected 0, got 0)
--------------------------------------------------------------------------------
[09:50:56 root@ ~~]# su -c "touch /home/qa/file_qa" qa
:: [   PASS   ] :: touch file owned by qa (Expected 0, got 0)
--------------------------------------------------------------------------------
[09:50:56 root@ ~~]# ls -l /home/qa
total 0
-rw-r--r--. 1 qa   qa   0 Feb 13 09:50 file_qa
-rw-r--r--. 1 root root 0 Feb 13 09:50 file_root
--------------------------------------------------------------------------------
[09:50:56 root@ ~~]# grep "^[^#]" /etc/idmapd.conf
[General]
Verbosity = 2
Domain = 
[Mapping]
Nobody-User = test
Nobody-Group = test
[Translation]
Method = nsswitch

Client:
[09:51:09 root@ ~~]# grep "^[^#]" /etc/idmapd.conf
[General]
Verbosity = 2
Domain = 
[Mapping]
Nobody-User = test
Nobody-Group = test
[Translation]
Method = nsswitch

[09:51:12 root@ ~~]# mount -t nfs $SERVER:/home/qa $nfsmp
:: [   PASS   ] :: Running 'mount -t nfs $SERVER:/home/qa $nfsmp' (Expected 0, got 0)
--------------------------------------------------------------------------------
[09:51:13 root@ ~~]# ls -l $nfsmp | grep "$Nobody"
-rw-r--r--. 1 test test 0 Feb 13 09:50 file_qa
              ^^^^ expected
:: [   PASS   ] :: Running 'ls -l $nfsmp | grep "$Nobody"' (Expected 0, got 0)
--------------------------------------------------------------------------------
[09:51:13 root@ ~~]# umount $nfsmp
:: [   PASS   ] :: Running 'umount $nfsmp' (Expected 0, got 0)
--------------------------------------------------------------------------------

Comment 7 errata-xmlrpc 2015-07-22 06:28:01 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1312.html
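
As an added example (not part of this bug report or of nfs-utils-lib), the following Python code reads an idmapd.conf, determines the Nobody-User/Nobody-Group names that libnfsidmap falls back to after this fix, and reports any that do not resolve to an account on the host, which is the situation described in the Doc Text. The `nobody` fallback for an unset option and all function names are assumptions of this example.

```python
import configparser
import grp
import pwd

# Assumption: name used when the option is unset or commented out; the
# compiled-in default can differ between distributions.
DEFAULT_NOBODY = "nobody"

# Constructed sample with the same settings as the verification run.
SAMPLE_CONF = """\
[General]
Verbosity = 2
Domain =
[Mapping]
Nobody-User = test
Nobody-Group = test
[Translation]
Method = nsswitch
"""

def effective_nobody(conf_text):
    """Return the (user, group) names used when no id mapping exists."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(conf_text)
    user = cp.get("Mapping", "Nobody-User", fallback="").strip()
    group = cp.get("Mapping", "Nobody-Group", fallback="").strip()
    return user or DEFAULT_NOBODY, group or DEFAULT_NOBODY

def _lookup_id(getter, name, field):
    """Numeric id of an account known to NSS, or None if unknown."""
    try:
        return getattr(getter(name), field)
    except KeyError:
        return None

def check_nobody_mapping(conf_text, uid_of=None, gid_of=None):
    """List fallback names that do not resolve to an account on this host."""
    uid_of = uid_of or (lambda n: _lookup_id(pwd.getpwnam, n, "pw_uid"))
    gid_of = gid_of or (lambda n: _lookup_id(grp.getgrnam, n, "gr_gid"))
    user, group = effective_nobody(conf_text)
    problems = []
    if uid_of(user) is None:
        problems.append(f"Nobody-User '{user}' does not resolve to a user")
    if gid_of(group) is None:
        problems.append(f"Nobody-Group '{group}' does not resolve to a group")
    return problems

if __name__ == "__main__":
    with open("/etc/idmapd.conf") as fh:
        print(check_nobody_mapping(fh.read()) or "fallback names resolve")
```

Run it on both the NFS server and the client, since each host resolves the fallback names against its own user and group databases.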