anyone have nfsv4 actually working?

Questions about using the NFS Server may be placed here
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:
https://myds.synology.com/support/suppo ... p?lang=enu
2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
thenoid
I'm New!
I'm New!
Posts: 3
Joined: Wed Jan 27, 2016 10:02 am

anyone have nfsv4 actually working?

Postby thenoid » Wed Jan 27, 2016 10:13 am

This is utterly redonkulous tried everything and only half way there, the lack of instructions/debuggability from synology is making me regret my purchase....hoping someone can help.

Currently having a terrible time getting UID/GID's to map through correctly with nfsv4.
For this setup hitei-kan = synology, basestar21 = client

Here is my ID on basestar21

Code: Select all

[rocky@basestar21 ~]$ id
uid=2048(rocky) gid=2048(rocky) groups=2048(rocky),10(wheel),100(users),2300(sysadmin) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

Here is my ID on hitei-kan

Code: Select all

hitei-kan> id rocky
uid=1026(rocky) gid=100(users) groups=100(users),101(administrators)


how the NFS mount is mounted

Code: Select all

[root@basestar21 ~]# mount -t nfs4  hitei-kan.home.mydomain.us:/volume1/testicle /mnt/

[rocky@basestar21 ~]$ mount | egrep testicle
hitei-kan.home.mydomain.us:/volume1/testicle on /mnt type nfs4 (rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=10.0.1.121,local_lock=none,addr=10.0.1.26)


Trying to create a file on the NFS mount, but it ends up nobody:nobody

Code: Select all

[rocky@basestar21 ~]$ touch /mnt/rocky.$(date +%s); ls -lahrt /mnt/
total 8.0K
dr-xr-xr-x. 18 root   root   4.0K Jan 26 22:38 ..
-rw-rw-r--.  1 nobody nobody    0 Jan 27 03:00 rocky.1453885212
drwxrwxrwx.  2 root   root   4.0K Jan 27 03:00 .


However i can chown it to the right uid/gid.

Code: Select all

[rocky@basestar21 ~]$ sudo chown rocky:users /mnt/rocky.1453885212
[rocky@basestar21 ~]$ ls -lahrt /mnt/
total 8.0K
dr-xr-xr-x. 18 root  root  4.0K Jan 26 22:38 ..
-rw-rw-r--.  1 rocky users    0 Jan 27 03:00 rocky.1453885212
drwxrwxrwx.  2 root  root  4.0K Jan 27 03:00 .


this is what the idmapd.conf's look like

Code: Select all

[root@basestar21 ~]# egrep -v ^# /etc/idmapd.conf
[General]

Verbosity = 0
Pipefs-Directory = /var/lib/nfs/rpc_pipefs

Domain = home.mydomain.us


[Mapping]

Nobody-User = nobody
Nobody-Group = nobody

[Translation]

Method = nsswitch

Code: Select all

hitei-kan> egrep -v ^# /etc/idmapd.conf
[General]
Domain=home.mydomain.us
[Mapping]
Nobody-User=guest
Nobody-Group=users
[Translation]
Method=nsswitch
GSS-Methods=static,synomap
[Static]




So it seems like it's part way there (since i can chown) but not fully. Any help would be greatly appreciated.
thenoid
I'm New!
I'm New!
Posts: 3
Joined: Wed Jan 27, 2016 10:02 am

Re: anyone have nfsv4 actually working?

Postby thenoid » Wed Jan 27, 2016 4:42 pm

P.S. i did find this topic (https://forum.synology.com/enu/viewtopi ... 41&t=81462) by @pnoman but like almost all these threads he ended up giving up.

I know NFSv4 idmapd works, i've used it to link RHEL and ubuntu systems with different ID's for years. Just not sure how to troubleshoot the darn synology
thenoid
I'm New!
I'm New!
Posts: 3
Joined: Wed Jan 27, 2016 10:02 am

Re: anyone have nfsv4 actually working?

Postby thenoid » Wed Jan 27, 2016 5:04 pm

So the GSS-Methods section is supposed to define how to map local to network ID's

http://linux.die.net/man/5/idmapd.conf

synomap appears to be some custom synology plugin for idmapd. Static is just static mappings, which appear unconfigurable. Anyone have experience with synomap?
atroph
I'm New!
I'm New!
Posts: 3
Joined: Thu Feb 04, 2016 6:40 am

Re: anyone have nfsv4 actually working?

Postby atroph » Thu Feb 04, 2016 2:51 pm

Tried for hours last night to get mapping working between an Ubuntu box and the Synology running 5.2.x. Every single time I get mapped as my current uid on the Ubuntu box (1000) vice what I have mapped. It doesn't seem to translate "client box 1000" => "NAS 1027".

Here is a verbose output that I captured:

Code: Select all

Feb  4 03:17:41 CloudStation idmapd[25286]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 03:17:41 CloudStation idmapd[25286]: nfs4_uid_to_name: final return value is 0
Feb  4 03:17:41 CloudStation idmapd[25286]: Server : (user) id "101" -> name ""
Feb  4 03:17:41 CloudStation idmapd[25286]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 03:17:41 CloudStation idmapd[25286]: nfs4_uid_to_name: final return value is 0
Feb  4 03:17:41 CloudStation idmapd[25286]: Server : (user) id "102" -> name ""
Feb  4 03:17:41 CloudStation idmapd[25286]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 03:17:41 CloudStation idmapd[25286]: nfs4_uid_to_name: final return value is 0
Feb  4 03:17:41 CloudStation idmapd[25286]: Server : (user) id "55" -> name ""
Feb  4 03:17:41 CloudStation idmapd[25286]: nfsdcb: authbuf=192.168.0.0/23 authtype=group
Feb  4 03:17:41 CloudStation idmapd[25286]: nfs4_gid_to_name: final return value is 0
Feb  4 03:17:41 CloudStation idmapd[25286]: Server : (group) id "55" -> name ""
Feb  4 03:17:41 CloudStation idmapd[25286]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 03:17:41 CloudStation idmapd[25286]: nfs4_uid_to_name: final return value is 0
Feb  4 03:17:41 CloudStation idmapd[25286]: Server : (user) id "125" -> name ""
Feb  4 03:17:41 CloudStation idmapd[25286]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 03:17:41 CloudStation idmapd[25286]: nfs4_uid_to_name: final return value is 0
Feb  4 03:17:41 CloudStation idmapd[25286]: Server : (user) id "1000" -> name ""
Feb  4 03:17:41 CloudStation idmapd[25286]: nfsdcb: authbuf=192.168.0.0/23 authtype=group
Feb  4 03:17:41 CloudStation idmapd[25286]: nfs4_gid_to_name: final return value is 0
Feb  4 03:17:41 CloudStation idmapd[25286]: Server : (group) id "1000" -> name ""
Feb  4 03:17:41 CloudStation idmapd[25286]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 03:17:41 CloudStation idmapd[25286]: nfs4_uid_to_name: final return value is 0
Feb  4 03:17:41 CloudStation idmapd[25286]: Server : (user) id "1027" -> name ""


The above is with nsswitch removed from the method line within idmapd.conf

Here is what it looks like with it replaced:

Code: Select all

Feb  4 10:42:29 CloudStation idmapd[13271]: nfs4_uid_to_name: calling nsswitch->uid_to_name
Feb  4 10:42:29 CloudStation idmapd[13271]: nfs4_uid_to_name: nsswitch->uid_to_name returned 0
Feb  4 10:42:29 CloudStation idmapd[13271]: nfs4_uid_to_name: final return value is 0
Feb  4 10:42:29 CloudStation idmapd[13271]: Server : (user) id "0" -> name "root@cloudstation.home"
Feb  4 10:42:29 CloudStation idmapd[13271]: nfsdcb: authbuf=192.168.0.0/23 authtype=group
Feb  4 10:42:29 CloudStation idmapd[13271]: nfs4_gid_to_name: calling nsswitch->gid_to_name
Feb  4 10:42:29 CloudStation idmapd[13271]: nfs4_gid_to_name: nsswitch->gid_to_name returned 0
Feb  4 10:42:29 CloudStation idmapd[13271]: nfs4_gid_to_name: final return value is 0
Feb  4 10:42:29 CloudStation idmapd[13271]: Server : (group) id "0" -> name "root@cloudstation.home"
Feb  4 10:43:54 CloudStation idmapd[13271]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_uid_to_name: calling nsswitch->uid_to_name
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_uid_to_name: nsswitch->uid_to_name returned 0
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_uid_to_name: final return value is 0
Feb  4 10:43:54 CloudStation idmapd[13271]: Server : (user) id "1024" -> name "admin@cloudstation.home"
Feb  4 10:43:54 CloudStation idmapd[13271]: nfsdcb: authbuf=192.168.0.0/23 authtype=group
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_gid_to_name: calling nsswitch->gid_to_name
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_gid_to_name: nsswitch->gid_to_name returned 0
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_gid_to_name: final return value is 0
Feb  4 10:43:54 CloudStation idmapd[13271]: Server : (group) id "100" -> name "users@cloudstation.home"
Feb  4 10:43:54 CloudStation idmapd[13271]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_uid_to_name: calling nsswitch->uid_to_name
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_uid_to_name: nsswitch->uid_to_name returned 0
Feb  4 10:43:54 CloudStation idmapd[13271]: nfs4_uid_to_name: final return value is 0
Feb  4 10:43:54 CloudStation idmapd[13271]: Server : (user) id "100" -> name "transmission@cloudstation.home"
Feb  4 10:44:19 CloudStation idmapd[13271]: nfsdcb: authbuf=192.168.0.0/23 authtype=user
Feb  4 10:44:19 CloudStation idmapd[13271]: nfs4_uid_to_name: calling nsswitch->uid_to_name
Feb  4 10:44:19 CloudStation idmapd[13271]: nfs4_uid_to_name: nsswitch->uid_to_name returned -2
Feb  4 10:44:19 CloudStation idmapd[13271]: nfs4_uid_to_name: final return value is -2
Feb  4 10:44:19 CloudStation idmapd[13271]: Server : (user) id "1000" -> name "nobody"
Feb  4 10:44:19 CloudStation idmapd[13271]: nfsdcb: authbuf=192.168.0.0/23 authtype=group
Feb  4 10:44:19 CloudStation idmapd[13271]: nfs4_gid_to_name: calling nsswitch->gid_to_name
Feb  4 10:44:19 CloudStation idmapd[13271]: nfs4_gid_to_name: nsswitch->gid_to_name returned -2
Feb  4 10:44:19 CloudStation idmapd[13271]: nfs4_gid_to_name: final return value is -2
Feb  4 10:44:19 CloudStation idmapd[13271]: Server : (group) id "1000" -> name "users"


Doesn't really tell me much and my next step is to Wireshark the line and see what is being sent to the NAS.
atroph
I'm New!
I'm New!
Posts: 3
Joined: Thu Feb 04, 2016 6:40 am

Re: anyone have nfsv4 actually working?

Postby atroph » Fri Feb 05, 2016 12:12 am

Looks like my client is only passing its name (e-masheen) and the UID GID to the NFS server.

Code: Select all

Credentials
        Flavor: AUTH_UNIX (1)
        Length: 72
        Stamp: 0x000576a1
        Machine Name: e-Masheen
            length: 9
            contents: e-Masheen
            fill bytes: opaque data
        UID: 1000
        GID: 1000
        Auxiliary GIDs (10) [4, 6, 20, 24, 46, 104, 111, 119, 122, 1000]
            GID: 4
            GID: 6
            GID: 20
            GID: 24
            GID: 46
            GID: 104
            GID: 111
            GID: 119
            GID: 122
            GID: 1000


And the access denied from the server for this particular directory

Code: Select all

Network File System, Ops(3): PUTFH ACCESS GETATTR
    [Program Version: 4]
    [V4 Procedure: COMPOUND (1)]
    Status: NFS4_OK (0)
    Tag: <EMPTY>
        length: 0
        contents: <EMPTY>
    Operations (count: 3)
        Opcode: PUTFH (22)
            Status: NFS4_OK (0)
        Opcode: ACCESS (3), [Access Denied: MD XT DL], [Allowed: RD LU]
            Status: NFS4_OK (0)
            Supported types (of requested): 0x1f
                .... ...1 = 0x01 READ: supported
                .... ..1. = 0x02 LOOKUP: supported
                .... .1.. = 0x04 MODIFY: supported
                .... 1... = 0x08 EXTEND: supported
                ...1 .... = 0x10 DELETE: supported
            Access rights (of requested): 0x03
                .... ...1 = 0x01 READ: allowed
                .... ..1. = 0x02 LOOKUP: allowed
                .... .0.. = 0x04 MODIFY: *Access Denied*
                .... 0... = 0x08 EXTEND: *Access Denied*
                ...0 .... = 0x10 DELETE: *Access Denied*
               
devilkin
I'm New!
I'm New!
Posts: 3
Joined: Sun Apr 08, 2012 6:15 pm

Re: anyone have nfsv4 actually working?

Postby devilkin » Mon Jul 10, 2017 7:33 am

I'm sorry to drag up this rather old post, but I got it to work. Unfortunately, since some kernel, the parameter nfs4_disable_idmapping has been defaulted to "Y" - in effect, turning off id mapping.

If you switch this off on both the synology NAS nfsd module, by doing

Code: Select all

echo "N" > /sys/module/nfsd/parameters/nfs4_disable_idmapping

and on your NFS client

Code: Select all

echo "N" > /sys/module/nfs/parameters/nfs4_disable_idmapping


(you can make this permanent by putting a file in /etc/modprobe.d/nfs.conf with content

Code: Select all

options nfs nfs4_disable_idmapping=0
options nfsd nfs4_disable_idmapping=0


it should work. It works for me.

Do note that on the serverside you need to change the parameter for nfsd, on the client side just nfs.
AlBundy
I'm New!
I'm New!
Posts: 7
Joined: Sun Sep 17, 2017 5:56 pm

Re: anyone have nfsv4 actually working?

Postby AlBundy » Sun Oct 08, 2017 3:28 pm

I have exactly the same issue.
User and group is nobody:nogroupxon the client (raspberry pi) after creating a file (e.g. touch) but 1000:1000 on the server (DS213) where 1000 is user and group "pi" on my raspberry.

If I run chown pi:pi on my file (client or server) both client and server showing pi:pi as user and group.

I've already disabled idmapping on my raspberry but have not found a solution to do this on my diskstation.
/sys/module/nfsd/parameters and /etc/modprobe.d does not exist on the diskstation.

Can someone explanation how to do this or has some other hints to solve this issue?

Thanks

Al

Return to “NFS Server”

Who is online

Users browsing this forum: No registered users and 0 guests