NFS mount using /etc/idmapd.conf has permission denied for mapped user

David

10/25/23, 5:37 PM

With an NFS4 mount, using /etc/idmapd.conf to map the nobody user and group to user123, files look like they should be accessible to user123 but instead give a Permission denied. The files are accessible to root.

Is there another mechanism I should be using to make these files accessible to user123? Ideally without having to request changes to how the NFS server is set up.

Here's an example of the problem I'm seeing:

user123@srv-l-002t:/mnt/import/sub$ ls -la
total 80
drwxrwxrwx 2 user123 user123 4096 Oct 25 16:06 ./
drwxrwxrwx 2 user123 user123 4096 Oct 25 16:17 ../
-rwx------ 1 user123 user123  917 Oct 25 16:05 user123-test-should-work-new-1.log*

user123@srv-l-002t:/mnt/import/sub$ stat user123-test-should-work-new-1.log 
  File: user123-test-should-work-new-1.log
  Size: 917         Blocks: 8          IO Block: 1048576 regular file
Device: 88h/136d    Inode: 562949953538881  Links: 1
Access: (0700/-rwx------)  Uid: ( 1002/   user123)   Gid: ( 1002/   user123)
Access: 2022-10-25 16:05:07.389372600 +0000
Modify: 2022-10-25 16:05:10.802138700 +0000
Change: 2022-10-25 16:05:10.802138700 +0000
 Birth: -
 
user123@srv-l-002t:/mnt/import/sub$ id
uid=1002(user123) gid=1002(user123) groups=1002(user123)

user123@srv-l-002t:/mnt/import/sub$ cat user123-test-should-work-new-1.log 
cat: user123-test-should-work-new-1.log: Permission denied

The NFS mount is simply

ip-addr:/share                              /mnt/import nfs defaults,vers=4,resvport    0 0

291

0 + 1

linux

permissions

nfs

umask

A.B

10/26/23, 9:34 AM

My take on this: nobody is special: that's the "not mapped" user. So even if on the client you wish it's mapped to some user, it's still the "not mapped user". See this RFC: https://www.rfc-editor.org/rfc/rfc8881#section-5.9-8 "Users and implementations of NFSv4.1 SHOULD NOT use "nobody" to designate a real user whose access is not anonymous."

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: NFS mount using /etc/idmapd.conf has permission denied for mapped user

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.