Linux – Why is file ownership inconsistent between two systems mounting the same NFS share

aixlinuxnfspermissionsusers

I have one IBM AIX server (serverA) which is connected to the san storage. I have created a volume group and also file system (jfs2) and mounted to directory /profit.

After that I created a NFS share for that directory and started the NFS daemon.

Over at another server, which is IBM AIX also (serverB), I created a mount point /profit and mounted the nfs share from serverA to serverB using the below command:
mount 192.168.10.1:/profit /profit

On serverB, I am able to access the directory and list the files in it. But the strange thing is, on serverA, the directory and files are under the oracle user ownership. But in serverB, i see them as a different user.

When I touch a file in that directory at serverB, on serverA, I see it as another user id.

Any clue how I can fix this?

Below is the file listing from serverB

$ ls -l
total 0
-rwxrwxrwx    1 root     system            0 Mar 16 15:00 haha
-rwxrwxrwx    1 radiusd  radiusd           0 Mar 16 15:19 haha2
-rwxrwxrwx    1 radiusd  radiusd           0 Mar 16 15:31 haha3
-rw-r--r--    1 oracle   oinstall          0 Mar 17 2011  hahah3
drwxrwxrwx    2 radiusd  radiusd         256 Mar 16 14:40 lost+found

On serverA it looks like below:

# ls -l /profit
total 0
-rwxrwxrwx    1 root     system            0 Mar 16 15:00 haha
-rwxrwxrwx    1 oracle   dba               0 Mar 16 15:19 haha2
-rwxrwxrwx    1 oracle   dba               0 Mar 16 15:31 haha3
-rw-r--r--    1 10       sshd              0 Mar 17 16:01 hahah3
drwxrwxrwx    2 oracle   dba             256 Mar 16 14:40 lost+found

Below is the /etc/exports file from serverA

# more /etc/exports
/profit -vers=3,sec=sys:krb5p:krb5i:krb5:dh,rw

Thanks.

Best Answer

Remember that each of the NFS client systems will determine the username by looking up the numerical UID locally using the local system's /etc/passwd, or in your centralized user database. The NFS server only stores the UID in numerical format, and does not know about usernames. This is also true for group names vs. GIDs.

In your case, serverA and serverB must have different usernames listed in /etc/passwd

To test this, use ls -n to display user and group IDs numerically, rather than converting to a user or group name in a long (-l) output. If the ls -n option is not available on AIX, consult the manpage for this feature.

To see the username-to-uid mapping, do one of the following on both serverA and serverB.

grep $THEUSERID /etc/passwd

Or, it's a good habit to use getent, since it works with /etc/password, and directory services (LDAP, etc.):

getent passwd $THEUSERID

The UIDs should be the same on both systems, but the usernames will be different.

Related Solutions

Multiple appenders writing to the same file on NFS share

In short: Yes, simultaneous writes from multiple NFS clients will be corrupted.

Simultaneous appends locally are nicely interleaved, since the OS knows the file is opened in append mode, and atomically seeks to the current end of file before each write call, regardless of other processes that may have extended the file in the meanwhile.

But on NFS, no such luck. The Linux NFS FAQ states it plainly:

A9. Why does opening files with O_APPEND on multiple clients cause the files to become corrupted?
A. The NFS protocol does not support atomic append writes, so append writes are never atomic on NFS for any platform.
Most NFS clients, including the Linux NFS client in kernels newer than 2.4.20, support "close to open" cache consistency,

A8. What is close-to-open cache consistency?
A. Perfect cache coherency among disparate NFS clients is very expensive to achieve, so NFS settles for something weaker that satisfies the requirements of most everyday types of file sharing. [...]

When the application closes the file, the NFS client writes back any pending changes to the file so that the next opener can view the changes. This also gives the NFS client an opportunity to report any server write errors to the application via the return code from close(). This behavior is referred to as close-to-open cache consistency.

The NFS write operations just contain a position to write to, and the data to be written. There's no provision for centrally coordinating where the end of file is, which is what would be needed to make sure clients don't overwrite each other.

(The page does seem a bit old, since it talks mostly about Linux kernel version 2.6, with no mention of 3.x. NFS version 4 is however mentioned in relation to kernel support, so it could be assumed the answer applies to v4 also.)

A little test made on a recent-ish Linux and an NFS v3 share:

Writing numbers out in a shell loop (for ((i=0 ; i<9999 ; i++)) ; do printf "$id %06d\n" $i >> testfile ; done), on two clients at the same time results in nicely corrupted output. Part of it:

barbar 001031
foo 000010
32
foo 000011
33
foo 000012

Here, the first loop on one machine wrote lines with barbar, while another loop on another machine wrote the foo lines. The line that should say barbar 001032 is written starting at the same position as foo 000010 line, and only the final numbers of the longer line are visible. (Note that in this case the file is actually opened and closed for each printf since the redirection is inside the loop. But it only helps in finding what the end of file was when the file was opened.)

If the file is kept open the whole time, larger blocks may be overwritten, since the promise is only that the client system writes changes to the server when the file is closed. Even truncating the file when opening doesn't change this much, since the truncation only clears the file, but does not prevent further writes by the other client when it closes the file.

Best Answer

Related Solutions

Multiple appenders writing to the same file on NFS share

Related Question