NFS: mapping UID's

Another NFS question. I’m reading Jay’s book Mastering Ubuntu Server en trying to bring knowledge into practice.
On my server (ksm-server1, Ubuntu server 20.04) I created two NFS shares. This is my /etc/exports file on the server:

/exports *(rw,fsid=0,no_subtree_checks)
/exports/documents *(ro,no_subtree_checks)
/exports/public *(rw,no_subtree_checks)

I can mount the shares successfully on my client (PC2-Kees, Ubuntu 2004). Because the public folder is rw I can read and write files. So that seems to be ok. But…

As Jay mentioned in his book the UID’s and GUID’s for users and groups are different on both machines. So when I list the folder on my server (/exports/public) I see this:

kees@ksm-server1:~$ ll /exports/public/
total 16
drwxrwxrwx    2 root          root                 4096 Feb  6 18:18 ./
drwxr-xr-x    5 root             root                 4096 Feb  5 17:37 ../
-rw-rw-r--    1 kees-beheer kees-beheer       14 Feb  6 18:18 file01.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file02.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file03.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file04.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file05.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file06.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file07.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file08.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file09.txt
-rw-rw-r--    1 kees-beheer kees-beheer         0 Feb  6 15:24 file10.txt
-rwxrwxrwx 1 root              root                     13 Feb  5 18:20 test2_server.txt*
-rwxrwxrwx 1 root              root                       0 Feb  5 18:13 test_server.txt*

But when I list the share on my client (/mnt/public):

14:58 kees@PC2-Kees:~ $ ll /mnt/public/
totaal 16
drwxrwxrwx 2    root  root     4096 feb  6 19:18 ./
drwxr-xr-x    6    root  root     4096 feb  5 19:40 ../
-rw-rw-r--     1    kees kees       14 feb  6 19:18 file01.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file02.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file03.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file04.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file05.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file06.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file07.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file08.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file09.txt
-rw-rw-r--     1    kees kees        0 feb  6 16:24 file10.txt
-rwxrwxrwx   1   root  root        13 feb  5 19:20 test2_server.txt*
-rwxrwxrwx   1   root  root          0 feb  5 19:13 test_server.txt*

kees and kees-beheer are different users on both machines. UID 1000 on the server is for user kees-beheer, but UID 1000 on the client is for user kees.
To overcome this problem, Jay explains to edit the /etc/idmapd.conf file on both machines in such a way that they use the same domain:

# set your own domain here, if it differs from FQDN minus hostname
Domain = home

On the server command hostname --fqdn shows:

ksm-server1.home

On the client command hostname --fqdn shows:

PC2-Kees.home

So both use the same domain.
Maybe it is good to say that DHCP-server and DNS-server are running on my modem/router and is also set to domain = home.

What can I do to map the UID’s to the right user on both systems?

We make our users with the same UIDs across our systems, else it would be a total pain.

It’s pretty easy to change user and group IDs using usermod and groupmod. You can use find, too, to make sure everything changed that needs to change. Be careful not to put 2 users at the same UID, so you may want to ‘park’ a user at a temporary UID if you need to assign another his UID during the process.

When setting up a new machine, we use Ansible to create groups and users beyond just the initial Ansible user.

1 Like

Thanks for your reply. It makes sense what you say.
I’ll have a look at Ansible, but first finish the book :grinning:

Regards,
Kees

2 Likes

Just as Buffy said, Ii too prefer to have users use the same UID across devices, so it doesn’t get out of hand when managing NFS mounts. And it’s a good practice in general, not just NFS. Unrelated to the topic, another good practice is to use the same partition scheme on everything if you can, like sda1 for /boot/efi, sda2 for /boot, sda3 for / etc. If you have one device with a nvme and one with a sata ssd, just keep the same numbers for the partition. If you use lvm, use the same name for them and similar partition scheme.

2 Likes