0xfeedface Tech musings and rants

I completely ditched Linux at home. I'm now running OpenSolaris on all machines I actively own and use. The only exception is my netbook, which is running Win7 Starter. I don't really count that--I only use it for travel.

These past few days, I've been spending my time reading endless amounts of documentation and Google results figuring out why NFSv4 isn't working with me. I had NFS working a few months ago. Why would NFS stop working on a fresh install of OpenSolaris build 134?

After a few emails on the nfs-discuss mailing list, Tom Haynes, the project lead for OpenSolaris's NFS implementation, had helped me out quite a bit. He helped me figure out that the user "nobody" needs read access to the share. I never read that in any of the documentation.

Essentially, autofs tries to mount the share. Root permissions are needed to mount filesystems, causing autofs to authenticate as the root user--not the currently-logged in user as I had assumed. On the server, NFS will map UID 0 to the user "nobody". Since my user was the only one with read access, the mount naturally failed.

After giving nobody read access to the share, I could use the share like normal. Here's the minimum ACLs needed for an NFSv4 share:
$ /bin/ls -vd /tank/shares/shawn
d---------+ 13 shawn root 20 Apr 20 10:28 /tank/shares/shawn
0:user:nobody:list_directory/read_data/read_xattr/read_attributes
/read_acl:allow
1:user:shawn:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/read_xattr/write_xattr/execute
/delete_child/read_attributes/write_attributes/delete/read_acl
/write_acl/write_owner/synchronize:file_inherit/dir_inherit:allow


Thanks Tom for helping me figure this out. I appreciate the time you spent.