Static ID mapping not functional in NFS
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| libnfsidmap (Ubuntu) |
Fix Released
|
Undecided
|
Andreas Hasenack | ||
Bug Description
Static NFS UID/GID translation doesn't work, even when using with sec=krb5.
The share is exported with:
/nfs 192.168.
Mapping configuration in /etc/idmapd.conf:
...
[Translation]
Method = static
[Static]
<email address hidden> = sam
<email address hidden> = bob
...
Logs from rpc.idmapd:
...
rpc.idmapd[3591]: libnfsidmap: processing 'Method' list
libnfsidmap: loaded plugin /lib/x86_
rpc.idmapd[3592]: Expiration time is 600 seconds.
rpc.idmapd[3592]: Opened /proc/net/
rpc.idmapd[3592]: Opened /proc/net/
...
rpc.idmapd[3592]: nfsdcb: authbuf=gss/krb5 authtype=user
rpc.idmapd[3592]: nfs4_uid_to_name: final return value is 0
rpc.idmapd[3592]: Server : (user) id "1000" -> name ""
rpc.idmapd[3592]: nfsdcb: authbuf=gss/krb5 authtype=group
rpc.idmapd[3592]: nfs4_gid_to_name: final return value is 0
rpc.idmapd[3592]: Server : (group) id "1000" -> name ""
rpc.idmapd[3592]: nfsdcb: authbuf=gss/krb5 authtype=group
rpc.idmapd[3592]: nfs4_gid_to_name: final return value is 0
rpc.idmapd[3592]: Server : (group) id "1003" -> name ""
rpc.idmapd[3592]: nfsdcb: authbuf=gss/krb5 authtype=user
rpc.idmapd[3592]: nfs4_uid_to_name: final return value is 0
rpc.idmapd[3592]: Server : (user) id "0" -> name ""
rpc.idmapd[3592]: nfsdcb: authbuf=gss/krb5 authtype=group
rpc.idmapd[3592]: nfs4_gid_to_name: final return value is 0
rpc.idmapd[3592]: Server : (group) id "0" -> name ""
rpc.idmapd[3592]: nfsdcb: authbuf=gss/krb5 authtype=user
rpc.idmapd[3592]: nfs4_uid_to_name: final return value is 0
rpc.idmapd[3592]: Server : (user) id "1002" -> name ""
rpc.idmapd[3592]: nfsdcb: authbuf=gss/krb5 authtype=group
rpc.idmapd[3592]: nfs4_gid_to_name: final return value is 0
rpc.idmapd[3592]: Server : (group) id "1002" -> name ""
...
As you can see, even though static.so plugin was loaded, ID translation was not performed.
Looking at this issue with GDB shows that static translation plugin is skipped in these two lines in libnfsidmap.c:
...
if (plgns[
continue;
...
The reason that funcname is null is that pointers to name_to_uid, name_to_gid, uid_to_name, gid_to_name are explicitly initialized to NULL in the Ubuntu's version of libnfsidmap/
...
struct trans_func static_trans = {
.name = "static",
.init = NULL,
};
...
Please note, that in original sources of NFS these callbacks are correctly initialized like so:
...
struct trans_func static_trans = {
.name = "static",
.init = static_init,
.name_to_uid = static_name_to_uid,
.name_to_gid = static_name_to_gid,
.uid_to_name = static_uid_to_name,
.gid_to_name = static_gid_to_name,
.princ_to_ids = static_
.gss_princ_
};
...
I am not sure why in Ubuntu's package the NFS static ID translation was disabled, but if it was done deliberately it should've been documented (maybe here https:/
Side note: nsswitch translation works correctly.
Ubuntu Server 18.04.1 LTS
libnfsidmap2:amd64 0.25-5.1
| affects: | snapd (Ubuntu) → libnfsidmap (Ubuntu) |
| Changed in libnfsidmap (Ubuntu): | |
| assignee: | nobody → Andreas Hasenack (ahasenack) |
| status: | New → Triaged |
| tags: | added: server-todo |
| Changed in libnfsidmap (Ubuntu): | |
| milestone: | none → ubuntu-22.04-feature-freeze |
| Andreas Hasenack (ahasenack) wrote | #1 |
| Andreas Hasenack (ahasenack) wrote | #2 |
| Christian Ehrhardt (paelzer) wrote | #3 |
| Changed in libnfsidmap (Ubuntu): | |
| status: | Triaged → Fix Released |
I'm attempting to update nfs-utils for ubuntu jammy 22.04[1], and libnfsidmap is bundled with nfs-utils now. As far as I can see, [Static] is working, but I still have some experiments to run with it. Since you seem a user of this mapping, if you could help test the new nfs-utils package that would be great!
1. https:/