Linux – How to do NFSv4 UID mapping across systems with UID mismatches

linux nfs users

I am working in a lab with three Ubuntu systems, and I would like to cross-mount some filesystems via NFS. However, while the systems have some of the same usernames, the UIDs and GIDs don't match, because the three systems were set up separately. When I mount an NFS filesystem from one system to another, the ownership shows up wrong. For example, if UID 1000 is alice on server1 and the same UID, 1000, is bob on server2, then when server1 mounts server2's exported filesystem, bob's files appear to be owned by alice.

So is there any way to make NFS (v4) convert UIDs between servers via their associated user names? Googling for this, I've seen lots of references to Kerberos, LDAP, or NIS, which seem like massive overkill for such a simple task, and might not be possible since these systems are not centrally managed. This link seems to indicate that what I ask is impossible. Is it correct?

Edit: I've tried every configuration for /etc/idmapd.conf that I can think of or find on the internet, and while the idmapd process is clearly running, so far I have not seen any evidence that NFS is making any attempt to use it at all, and it has never had any effect whatsoever on the user IDs reported on NFS mounts.

Best Answer

With no centralized user administration, the "best" way I see is for you to force all servers to use the same GID and UID for each user. Now ... I'm only talking about files and/or directories.

What I would do in this case is:

  • Register each UID and GID currently in use.
  • Edit /etc/passwd and /etc/group and match the groups on all servers. Preferably to new UIDs and GIDs so the next step will be faster.
  • Run this (it will take some time):

    # -h changes a symlink itself rather than the file it points to
    find / -group <OLD_GID> -exec chgrp -h <NEW_GID> '{}' \+
    find / -user  <OLD_UID> -exec chown -h <NEW_UID> '{}' \+
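
The first step of the answer above, registering the UIDs in use, can be scripted. This added example (not part of the original answer) compares passwd-format files copied from each host and reports names whose UID differs and UIDs claimed by different names, the alice/bob case from the question. The file names, the `uid_mismatches` and `uid_collisions` function names and the UID >= 1000 cut-off are assumptions, and the sample entries are constructed.

```shell
#!/bin/sh
# Added example: compare passwd-format files, one per host, before renumbering.
# Each file is assumed to be a copy of that host's /etc/passwd, named after the host.
# Only regular accounts are checked (UID >= 1000, excluding 65534 "nobody").

# uid_mismatches FILE... -> "NAME host=uid host=uid" for names with more than one UID
uid_mismatches() {
    awk -F: '
        $3 >= 1000 && $3 != 65534 {            # regular accounts only
            host = FILENAME; sub(/.*\//, "", host)
            seen[$1] = seen[$1] " " host "=" $3
            if (!(($1, $3) in pair)) { pair[$1, $3] = 1; distinct[$1]++ }
        }
        END { for (n in distinct) if (distinct[n] > 1) print n seen[n] }
    ' "$@" | sort
}

# uid_collisions FILE... -> "UID name name" for UIDs used by more than one name
uid_collisions() {
    awk -F: '
        $3 >= 1000 && $3 != 65534 && !(($3, $1) in pair) {
            pair[$3, $1] = 1; names[$3] = names[$3] " " $1; count[$3]++
        }
        END { for (u in count) if (count[u] > 1) print u names[u] }
    ' "$@" | sort -n
}

# Constructed sample data standing in for copies of each host's /etc/passwd.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/server1" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
EOF
cat > "$demo_dir/server2" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bob:x:1000:1000::/home/bob:/bin/bash
alice:x:1002:1002::/home/alice:/bin/bash
EOF

uid_mismatches "$demo_dir/server1" "$demo_dir/server2"
uid_collisions "$demo_dir/server1" "$demo_dir/server2"
```

Every name printed by `uid_mismatches` needs a renumbering pass, and every UID printed by `uid_collisions` is one where files exported by one host would appear to belong to a different person on another.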
    