May 13, 2009

Writing on a mounted Linux NFS filesystem causes UID to be nobody4

On some of the last versions of OpenSolaris I had problems writing to the
filesystems which were mounted from our old Linux file server (SuSE 8.2 - Kernel 2.4.20).

I mount the filesystems from the Linux servers via automount, and if a server is
not available the mount is directed to a local filesystem.
The content of my auto_direct looks like this:

/trace -timeo=600,retrans=10,retry=10,rsize=8192,wsize=8192 linux1.hartter.com:/trace localhost(9):/export/remote/trace
/users -timeo=600,retrans=10,retry=10,rsize=8192,wsize=8192 lxserv:/users localhost(9):/export/remote

With a running autofs service as the prerequisite, this causes a mount from the server as the first attempt and, if the server is not available, a mount from the localhost. This is achieved with
the number in brackets.

Locally I have defined my user with the same UID and GID.

A new file on the NFS filesystems is created with user nobody4 when the world writeable flag is set on the directory.

So I could not write to restricted directories on NFS, which had worked on some earlier release.

Now I found a message thread which discusses this problem.

The problem is about the security in NFS.

What I did to solve my problem was to deactivate the security mode none
in /etc/nfssec.conf:

# default security mode is defined at the end. It should be one of
# the flavor numbers defined above it.
#
#none 0 - - - # AUTH_NONE
sys 1 - - - # AUTH_SYS
dh 3 - - - # AUTH_DH
After this, a newly created file on a newly mounted NFS drive (also via automount)
gets the correct UID/GID of my local user.

So I can write again from the OpenSolaris installation to the NFS drives of the
Linux file servers.
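
A check for the change described above, as an added example that is not part of the original post: it lists the active entries of an nfssec.conf-style file and reports whether flavor 0 (AUTH_NONE) is still offered. The function names and the two sample files are constructed for illustration, and the field layout is assumed to be the one shown in the excerpt.

```shell
#!/bin/sh
# Added example: audit an nfssec.conf-style file for the AUTH_NONE flavor.
# Assumed format (from the excerpt): name, flavor number, three more fields,
# then an optional "#" comment. A line starting with "#" is disabled.

# Print "name number" for every active (uncommented) entry.
# A "default" line, if the file has one, is reported like any other entry.
active_flavors() {
    awk '
        { sub(/#.*/, "") }        # drop comments, including whole-line ones
        NF >= 2 && $2 ~ /^[0-9]+$/ { print $1, $2 }
    ' "$1"
}

# Exit 0 if any active entry carries flavor number 0 (AUTH_NONE), else 1.
auth_none_active() {
    active_flavors "$1" | awk '$2 == 0 { found = 1 } END { exit !found }'
}

# Human-readable report; returns 1 while AUTH_NONE is still active.
audit_nfssec() {
    echo "active flavors in $1:"
    active_flavors "$1" | sed 's/^/  /'
    if auth_none_active "$1"; then
        echo "WARNING: AUTH_NONE is active; new files may be owned by the anonymous user"
        return 1
    fi
    echo "OK: AUTH_NONE is not offered"
}

# Constructed samples: the excerpt before and after commenting out "none".
demo_dir=${TMPDIR:-/tmp}/nfssec-demo.$$
mkdir -p "$demo_dir"
printf '%s\n' 'none 0 - - - # AUTH_NONE' \
              'sys 1 - - - # AUTH_SYS' \
              'dh 3 - - - # AUTH_DH' > "$demo_dir/before"
printf '%s\n' '#none 0 - - - # AUTH_NONE' \
              'sys 1 - - - # AUTH_SYS' \
              'dh 3 - - - # AUTH_DH' > "$demo_dir/after"

audit_nfssec "$demo_dir/before" || true
audit_nfssec "$demo_dir/after"
```

On a real client, run `audit_nfssec /etc/nfssec.conf` and remount the NFS filesystems after changing the file, since the post only saw the correct UID/GID on newly mounted drives.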