Bug 1106351
| Summary: | chown does not respect NFSv4 no_root_squash | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Jan Kurik <jkurik> | |
| Component: | nfs-utils-lib | Assignee: | Steve Dickson <steved> | |
| Status: | CLOSED ERRATA | QA Contact: | JianHong Yin <jiyin> | |
| Severity: | high | Docs Contact: | ||
| Priority: | urgent | |||
| Version: | 6.5 | CC: | bilias, djeffery, eguan, fs-qe, jas, jiyin, jsvarova, lherbolt, mschuppe, pm-eus, rmarigny, steved, tlavigne, ykinoshi | |
| Target Milestone: | rc | Keywords: | ZStream | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | nfs-utils-lib-1.1.5-6.el6_5 | Doc Type: | Bug Fix | |
| Doc Text: |
Previously, when the chown utility was used on NFSv4 mount, chown did not adhere the no_root_squash option, and thus was not able to change the user and group ownership of each given file. The libnfsidmap, a library to help mapping IDs mainly for NFSv4, has been patched, and chown now handles the user and group ownership as expected.
|
Story Points: | --- | |
| Clone Of: | 1043558 | |||
| : | 1127166 (view as bug list) | Environment: | ||
| Last Closed: | 2014-08-04 08:14:07 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | 1043558 | |||
| Bug Blocks: | 1127166 | |||
|
Description
Jan Kurik
2014-06-09 07:17:30 UTC
Verifying: J:699295 RHBA-2014:18250-04-nfs-utils(1)-M.1.1-:/Multihost/idmapping@2014-07-21_09:29:04..--install=nfs-utils-lib-1.1.5-6.el6_5 - Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-0996.html After upgrading to nfs-utils-lib-1.1.5-6.el6_5 nfs mounts do not work anymore. export on server is done with: (rw,sync,root_squash) mount on client is done with autofs -fstype=nfs,nosuid,nodev,soft,bg,nfsvers=3 I get this in syslog: Aug 5 12:50:14 client nfsidmap[1351]: nss_getpwnam: name 'root' does not map into domain 'sub.example.com' Downgrading to nfs-utils-lib-1.1.5-6.el6.x86_64 fixed the problem. regards, Giannis Steve, Unfortunately, I don't think this fix resolves the problem. I've installed the updated nfs-utils-lib-1.1.5-6.el6_5 # rpm -q -a | grep nfs-utils-lib nfs-utils-lib-1.1.5-6.el6_5.x86_64 I'm also running the latest kernel 2.6.32-431.23.3.el6. On client NFSv4 share is mounted like this: hard,intr,bg,tcp,acl On server it is exported to this client like this: rw,sync,no_root_squash On client, after mounting filesystem: # touch newfile newfile shows as owned by "root". # chown root:root newfile # ls -al newfile -rw------- 1 nobody nobody 0 Aug 5 09:34 newfile Syslog: Aug 5 09:25:12 elf elf nfsidmap[5076]: nss_getpwnam: name 'nobody' does not map into domain 'cs.yorku.ca' (In reply to jas from comment #12) > Steve, > > Unfortunately, I don't think this fix resolves the problem. > > I've installed the updated nfs-utils-lib-1.1.5-6.el6_5 > > # rpm -q -a | grep nfs-utils-lib > nfs-utils-lib-1.1.5-6.el6_5.x86_64 > > I'm also running the latest kernel 2.6.32-431.23.3.el6. > > On client NFSv4 share is mounted like this: hard,intr,bg,tcp,acl > On server it is exported to this client like this: rw,sync,no_root_squash > > On client, after mounting filesystem: > # touch newfile > newfile shows as owned by "root". > # chown root:root newfile > # ls -al newfile > -rw------- 1 nobody nobody 0 Aug 5 09:34 newfile > > Syslog: Aug 5 09:25:12 elf elf nfsidmap[5076]: nss_getpwnam: name 'nobody' > does not map into domain 'cs.yorku.ca' works for me: [01:56:24 root@ ~~]# chown qa:qa $mnt/file3 :: [ PASS ] :: Test root chown return code correct. (Expected 0, got 0) -------------------------------------------------------------------------------- [01:56:24 root@ ~~]# ls -l $mnt/file3 -rw-r--r--. 1 qa qa 0 Aug 6 01:56 /nfs-mount/file3 -------------------------------------------------------------------------------- [01:56:24 root@ ~~]# /usr/bin/test $(stat --format=%U.%G $mnt/file3) = "qa.qa" :: [ PASS ] :: Test chown result correct(qa.qa) (Expected 0, got 0) -------------------------------------------------------------------------------- [01:56:25 root@ ~~]# chown root:root $mnt/file3 :: [ PASS ] :: Test root chown return code correct. (Expected 0, got 0) -------------------------------------------------------------------------------- [01:56:25 root@ ~~]# ls -l $mnt/file3 -rw-r--r--. 1 root root 0 Aug 6 01:56 /nfs-mount/file3 -------------------------------------------------------------------------------- [01:56:25 root@ ~~]# /usr/bin/test $(stat --format=%U.%G $mnt/file3) = "root.root" :: [ PASS ] :: Test chown result correct(root.root) (Expected 0, got 0) -------------------------------------------------------------------------------- [01:56:25 root@ ~~]# chown qa:qa $mnt/file3 :: [ PASS ] :: Test root chown return code correct. (Expected 0, got 0) -------------------------------------------------------------------------------- [01:56:25 root@ ~~]# ls -l $mnt/file3 -rw-r--r--. 1 qa qa 0 Aug 6 01:56 /nfs-mount/file3 -------------------------------------------------------------------------------- [01:56:25 root@ ~~]# /usr/bin/test $(stat --format=%U.%G $mnt/file3) = "qa.qa" :: [ PASS ] :: Test chown result correct(qa.qa) (Expected 0, got 0) ------------------------------------------------ Time & CURDIR : [2014-08-06 01:54:39 @/mnt/tests/CoreOS/nfs-utils/function/idmapping] Case Name : /CoreOS/nfs-utils/function/idmapping $HOSTNAME : ibm-z10-12.rhts.eng.bos.redhat.com Distro Info : RedHatEnterpriseServer 6.5 : RHEL-6.5 NVR & host : Linux ibm-z10-12.rhts.eng.bos.redhat.com 2.6.32-431.el6.s390x #1 SMP Sun Nov 10 22:21:52 EST 2013 s390x s390x s390x GNU/Linux cmdline : root=/dev/mapper/vg_ibmz1012-lv_root rd_DASD=0.0.2197 rd_NO_LUKS rd_DASD=0.0.2097 LANG=en_US.UTF-8 rd_NO_MD KEYTABLE=us rd_DASD=0.0.2297 rd_DASD=0.0.2397 rd_LVM_LV=vg_ibmz1012/lv_swap rd_LVM_LV=vg_ibmz1012/lv_root SYSFONT=latarcyrheb-sun16 rd_NO_DM BOOT_IMAGE=0 Package Info : libtirpc-0.2.1-6.el6_4.s390x nfs-utils-1.2.3-39.el6.s390x ------------------------------------------------ nfs-utils-lib exists on the system and is not kernel.. Upgrading Retrieving http://porkchop.redhat.com/brewroot/packages/nfs-utils-lib/1.1.5/6.el6_5/s390x/nfs-utils-lib-1.1.5-6.el6_5.s390x.rpm Preparing... ################################################## nfs-utils-lib ################################################## Got it. if use the default value nfs4_disable_idmapping, test fail; reopen it. *** Bug 1127166 has been marked as a duplicate of this bug. *** how to reopen this bug? (In reply to Yin.JianHong from comment #16) > how to reopen this bug? Can you describe which test fail to test it with CU. (In reply to Lukas Herbolt from comment #17) > (In reply to Yin.JianHong from comment #16) > > how to reopen this bug? > > Can you describe which test fail to test it with CU. chown to qa:qa return success, but ls -l got nobody.nobody if use default config(disable idmapping), is this the expect result? test log: ----------------- [14:31:46 root@ ~~]# chown qa:qa $mnt/file3 :: [ PASS ] :: Test root chown return code correct. (Expected 0, got 0) -------------------------------------------------------------------------------- [14:31:46 root@ ~~]# ls -l $mnt/file3 -rw-r--r--. 1 nobody nobody 0 Aug 7 14:31 /nfs-mount/file3 :: [ PASS ] :: Running 'ls -l $mnt/file3' (Expected 0, got 0) -------------------------------------------------------------------------------- [14:31:46 root@ ~~]# /usr/bin/test $(stat --format=%U.%G $mnt/file3) = "qa.qa" :: [ FAIL ] :: Test chown result correct(qa.qa) (Expected 0, got 1) |