NFS4 Server setup missing /etc/idmapd.conf

I’m about to set up an NFS4 server. I learned from

that the file /etc/idmapd.conf is required for NFS4. On my system (Open Suse Tumbleweed) this file does not exist. If I use Yast to set up the server, the option “enable NFS4” is checked, but the required file is missing.

The client uses Autofs and is unable to mount the exported volume if option --fstype=nfs4 is given in auto.misc. If I leave off this option, then the client mounts the volume as nfs3 file system.

Is there a connection between the missing idmapd.conf file and the behavior of the client ?

idmapd is entirely optional as is quite clearly described in the manual you mentioned. Provide actual logs or command output that contains errors during mount.

Thanks for your reply. I’ll provide logs later this day.
How can I figure out whether the server is exporting via NFS3 or NFS4 ?

When I look with YaST → Network Services → er, it shows a tick box Activate NFSv4 (it is off in my case).

And you can of course look in /etc/sysconfig/nfs.

BTW. It could be that NFSv3 is always on and that it depends on the request from the client which version is used.

Thanks for your help. So here are the debug messages:

Server:
On the server, in /etc/sysconfig/nfs I see these entries:

NFS3_SERVER_SUPPORT="yes"
NFS4_SUPPORT="yes"

Client:
In auto.master I have this line:
/home/mike/nfs /etc/auto.misc

Case 1:
in auto.misc I have this entry:
franzi -fstype=nfs4 192.168.4.7:/nfsexport/franzi

I start the debugger:

notebook3:/home/mike # automount -f -v
Starting automounter version 5.1.8, master map auto.master
using kernel protocol version 5.05
lookup(yp): read of master map auto.master failed: Request arguments bad
mounted indirect on /home/mike/nfs with timeout 300, freq 75 seconds
attempting to mount entry /home/mike/nfs/franzi
>> mount.nfs4: mounting 192.168.4.7:/nfsexport/franzi failed, reason given by server: No such file or directory
mount(nfs): nfs: mount failure 192.168.4.7:/nfsexport/franzi on /home/mike/nfs/franzi
failed to mount /home/mike/nfs/franzi

and do as non-root in another terminal:

~> ls nfs/franzi
ls: cannot access 'nfs/franzi': No such file or directory

So from the debug output I reason that nfs4 is tried as specified in auto.misc.

Case 2:

in auto.misc I have this entry to explicit use nfs3:
franzi -fstype=nfs 192.168.4.7:/nfsexport/franzi

I start the debugger:

notebook3:/home/mike # automount -f -v
Starting automounter version 5.1.8, master map auto.master
using kernel protocol version 5.05
lookup(yp): read of master map auto.master failed: Request arguments bad
mounted indirect on /home/mike/nfs with timeout 300, freq 75 seconds
attempting to mount entry /home/mike/nfs/franzi
>> Created symlink /run/systemd/system/remote-fs.target.wants/rpc-statd.service → /usr/lib/systemd/system/rpc-statd.service.
mounted /home/mike/nfs/franzi

It seems to me that nfs3 is working.
As non-root I see the remote file properly shown:

~>ls nfs/franzi
test.txt

You forgot to show what is exported on the server.

Server:

# exportfs -s
/nfsexport  *(async,wdelay,hide,crossmnt,no_subtree_check,fsid=0,sec=sys,rw,secure,root_squash,no_all_squash)
/nfsexport/franzi  *(async,wdelay,hide,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash)

Client:

notebook3:/home/mike # showmount -e 192.168.4.7
Export list for 192.168.4.7:
/nfsexport/franzi *
/nfsexport        *

It is your NFSv4 root, so clients cannot see it. Try mounting /franzi.

I’m sorry, I can’t follow. What do you mean by that ?

Try some reading about NFSv4 and pseudo filesystem. In short, the effect is similar to your clients doing

chroot /nfsexport

so they only see what is below your designated as NFSv4 root.

Or simply remove fsid=0 option. Why you added it in the first place?

Thanks. I removed the fsid=0 option on the server side in file exports. The file content is now:

/nfsexport              *(rw,async,no_subtree_check,crossmnt)
/nfsexport/franzi       *(rw,async,no_subtree_check)

The nfs4 automounter on the client side seems to work now.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.