LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris
Reload this Page [SOLVED] Is possible to mapping a remote uid to local uid using nfs and idmap?
User Name
Password
Solaris / OpenSolaris This forum is for the discussion of Solaris, OpenSolaris, OpenIndiana, and illumos.
General Sun, SunOS and Sparc related questions also go here. Any Solaris fork or distribution is welcome.

Notices


Reply
  Search this Thread
Old 02-22-2023, 02:00 PM   #1
camerabambai
Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 408

Rep: Reputation: 54
Is possible to mapping a remote uid to local uid using nfs and idmap?

With Solaris 11 I create a nfs share

Code:
    zfs set share.nfs=on rpool/public
my Linux client mount it..

Code:
    mount solaris2:/var/public /mnt/share
I want to give write access to myuser, i know three solutions

Solution 1: chmod 777

Code:
    chmod 777 /var/public #NO COMMENT
Solution 2: made the uid identical between remote and local system

change the uid of my local Solaris user to the uid on remote Linux user and then give an acl, this is ok if you have one user only, is simply awful in a multiuser system (you have to replace all old uids with the newest!)

Solution 3: Mapping the uid of remote user to a local user and then give the acl

Code:
   idmap add remoteuser@remotehost unixuser:myuser
    chmod A=user:myuser:add_file/read_data/execute/write_data/execute:allow /var/public
but doesn't work.
The local user can write data to /var/public, the remote not, why?
My idea is to map the external uid (1000) to local uid (100)
Is possible?
Thanks
 
Old 02-22-2023, 04:46 PM   #2
camerabambai
Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 408

Original Poster
Rep: Reputation: 54
Solution found with a workaround
I have created a group with the same gid on both client and server
and then with an acl I give write permission to users belong to the group

On client (Linux)

Code:
    groupadd -g 10093 nfs-users
    usermod -aG nfs-users myuser
on server (Solaris)

Code:
    groupadd -g 10093 nfs-users
    usermod -G nfs-users myuser
Then I add the acl to the shared zfs set (is mounted on /var/public)

Code:
    chmod A+group:nfs-users:write_data/append_data/execute/add_file/add_subdirectory:allow /var/public
Testing: works fine, all users (remote, and locals) which belong to nfs-users group can write on share.
A better solution was to use AD (or samba4) + idmap, but this workaround play fine also in local files environment.
 
1 members found this post helpful.
  


Reply

Tags
idmap, nfs, solaris, solved



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba 4.4.16: the 'idmap uid | gid | backend' option is deprecated. It's a problem? How do I fix it? cesarsj Linux - Software 4 05-28-2020 04:45 PM
smb.conf snf idmap configuration for DC and member server bktpl Linux - Server 1 04-01-2018 02:42 PM
How to use SSHFS where UID===UID (same as NFS)? Lop3 Linux - Server 4 11-14-2015 08:13 AM
OpenLDAP and Samba IDMAP Cottsay Linux - Software 2 08-01-2008 10:37 AM
NFSv4 idmap returns "nobody" - idmap daemons running utahnix Linux - Networking 0 12-09-2007 12:32 AM

LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris

All times are GMT -5. The time now is 08:54 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration