On Mon, Jan 25, 2021 at 7:23 PM Matt Snow <[email protected]> wrote: > > I can confirm that removing "--manage-gids" flag from RPCMOUNTDOPTS in > /etc/default/nfs-kernel-server now allows me to add the ZFS backed NFS share. > > From the man page: > > -g or --manage-gids > Accept requests from the kernel to map user id numbers into lists of group id > numbers for use in access control. An NFS request will normally (except when > using Kerberos or other cryptographic authentication) contains a user-id and > a list of group-ids. Due to a limitation in the NFS protocol, at most 16 > groups ids can be listed. If you use the -g flag, then the list of group ids > received from the client will be replaced by a list of group ids determined > by an appropriate lookup on the server. Note that the 'primary' group id is > not affected so a newgroup command on the client will still be effective. > This function requires a Linux Kernel with version at least 2.6.21. > > > I speculate that if I had directory services setup and the NFS server > directed there, this would be a non-issue. > > Thank you so much for your help on this, Nir & Team!
You can contribute by updating the nfs troubleshooting page with this info: https://www.ovirt.org/develop/troubleshooting-nfs-storage-issues.html See the link "Edit this page" in the bottom of the page. > On Mon, Jan 25, 2021 at 1:00 AM Nir Soffer <[email protected]> wrote: >> >> On Mon, Jan 25, 2021 at 12:33 AM Matt Snow <[email protected]> wrote: >> >> I reproduced the issue with ubuntu server 20.04 nfs server. >> >> The root cause is this setting in /etc/default/nfs-kernel-server: >> RPCMOUNTDOPTS="--manage-gids" >> >> Looking at https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1454112 >> it seems that the purpose of this option is to ignore client groups, which >> breaks ovirt. >> >> After removing this option: >> RPCMOUNTDOPTS="" >> >> And restarting nfs-kernel-server service, creating storage domain works. >> >> You can check with Ubuntu folks why they are enabling this configuration >> by default, and if disabling it has any unwanted side effects. >> >> Nir >> _______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/PHTQVU5GZCQ5AEMT53ISFXLR2IRU7T2Y/
