[gpfsug-discuss] Issues getting SMB shares working.

Aidan Richmond a.g.richmond at leeds.ac.uk
Thu Mar 2 15:41:40 GMT 2017 

mmnfs export list -n /absl/SCRATCH
Path          Delegations Clients    Access_Type Protocols Transports 
Squash      Anonymous_uid Anonymous_gid SecType PrivilegedPort 
DefaultDelegations Manage_Gids NFS_Commit
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
/absl/SCRATCH none        *          RW          4         TCP 
ROOT_SQUASH -2            -2            KRB5I   FALSE          none 
          FALSE       FALSE
/absl/SCRATCH none        fbscpcu097 RW          3         TCP 
ROOT_SQUASH -2            -2            sys     FALSE          none 
          FALSE       FALSE


Ignore the fbscpcu097 entry, I think my departed colleague was just 
using that for testing, the NFS clients all access it though nfsv4 which 
looks to be using kerberos from this.

On 01/03/17 20:21, Jan-Frode Myklebust wrote:
> This looks to me like a quite plain SYS authorized NFS, maybe also verify
> that the individual NFS shares has sec=sys with "mmnfs export list -n
> /absl/SCRATCH".
>
>
> If you check "man mmuserauth" there are quite clear examples for how to
> connect it to AD populated with unix id and gid. I don't think this will
> affect your NFS service, since there doesn't seem to be any kerberos
> involved.
>
> But, please beware that mmuserauth will overwrite any customized sssd.conf,
> krb5.conf, winbind, etc.. As it configures the authentication for the whole
> host, not just samba/nfs-services.
>
>
> -jf
>
> ons. 1. mar. 2017 kl. 16.22 skrev Aidan Richmond <a.g.richmond at leeds.ac.uk>:
>
>> mmnfs export list
>> Path          Delegations Clients
>> -------------------------------------
>> /absl/SCRATCH none        *
>> /absl/SCRATCH none        fbscpcu097
>>
>> mmnfs config list
>>
>> NFS Ganesha Configuration:
>> ==========================
>> NFS_PROTOCOLS: 3,4
>> NFS_PORT: 2049
>> MNT_PORT: 0
>> NLM_PORT: 0
>> RQUOTA_PORT: 0
>> SHORT_FILE_HANDLE: FALSE
>> LEASE_LIFETIME: 60
>> DOMAINNAME: LEEDS.AC.UK
>> DELEGATIONS: Disabled
>> ==========================
>>
>> STATD Configuration
>> ==========================
>> STATD_PORT: 0
>> ==========================
>>
>> CacheInode Configuration
>> ==========================
>> ENTRIES_HWMARK: 1500000
>> ==========================
>>
>> Export Defaults
>> ==========================
>> ACCESS_TYPE: NONE
>> PROTOCOLS: 3,4
>> TRANSPORTS: TCP
>> ANONYMOUS_UID: -2
>> ANONYMOUS_GID: -2
>> SECTYPE: SYS
>> PRIVILEGEDPORT: FALSE
>> MANAGE_GIDS: FALSE
>> SQUASH: ROOT_SQUASH
>> NFS_COMMIT: FALSE
>> ==========================
>>
>> Log Configuration
>> ==========================
>> LOG_LEVEL: EVENT
>> ==========================
>>
>> Idmapd Configuration
>> ==========================
>> DOMAIN: DS.LEEDS.AC.UK
>> ==========================
>>

-- 
Aidan Richmond
Apple/Unix Support Officer, IT
Garstang 10.137
Faculty of Biological Sciences
University of Leeds
Clarendon Way
LS2 9JT

Tel:0113 3434252
a.g.richmond at leeds.ac.uk

More information about the gpfsug-discuss mailing list