1:53 p.m.
You config looks like it should work, however, do you gave ID Mapper configured identical
on all three hosts involved (client, Ganesha server, proxied server)? Could you share you
network traces (both between client and Ganesha and between Ganesha and the proxied
server)? Could you share the debug log? You could add NFS4_ACL to log the permission
checking which might help.
On the idmapper stuff, you need to determine if the owner/group attributes coming from the
server are in the form "user@domain" or "1234". You may need to set
NFS4 { Allow_Numeric_Owners = true; } in your config if the owner/group attributes are
numeric. The parameter Only_Numeric_Owners will cause Ganesha to issue owners in the form
"1234" instead of "user@domain" for client side GETATTR and proxy side
SETATTR (and OPEN/CREATE). There are kernel NFS parameters that control this also for
client and I believe the server.
I'm going to bet that idmapping issues are the cause here. I hope the above gives you
enough to go on to fix the issue if that's the case.
Frank
-----Original Message-----
From: snehring(a)iastate.edu [mailto:snehring@iastate.edu]
Sent: Tuesday, June 21, 2022 7:59 AM
To: support(a)lists.nfs-ganesha.org
Subject: [NFS-Ganesha-Support] Re: Proxy-v4 access denied
Sorry that's a bit jumbled, I am able to access the upstream mount without issue,
the proxied mount via ganesha is where access is denied.
_______________________________________________
Support mailing list -- support(a)lists.nfs-ganesha.org To unsubscribe send an
email to support-leave(a)lists.nfs-ganesha.org