We have a Dell enterprise file server that implements NFS4 ACLs. I can mount an NFS4 directory, and nfs4_setfacl and nfs4_getfacl work correctly. Unfortunately, I am unable to get an ls listing to work correctly. I've enabled id mapping:
echo 0 > /sys/module/nfs/parameters/nfs4_disable_idmapping
and configured /etc/idmapd:
[General]
Verbosity = 10
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if it differs from FQDN minus hostname
Domain = example.com
[Translation]
Method = sss
[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup
/etc/request-key.d/id_resolver.conf is configured.
When I do an ls -l on a mounted file, the request-key is using "localhost" instead of "example.com":
nfsidmap -l
3 .id_resolver keys found:
uid:root@localhost
uid:gweatherby@localhost
gid:wheel@localhost
Has anyone figured out how to make this work?
Figured it out:
I was using the domain name in the nfs4_setfacl command, e.g.
nfs4_setfacl -a A::gweatherby@example.com:r filename
Just using the account name works as desired:
nfs4_setfacl -a A::gweatherby:r filename
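
A check for the symptom described in the post, comparing the domain on each cached id_resolver key with the Domain set in the idmapd config. This is an added example, not part of the original post; the function names are hypothetical and the sample input is copied from the post (config abridged).

```python
import configparser
import re

# Sample input copied from the post above (abridged idmapd config, full key list).
IDMAPD_CONF = """\
[General]
# set your own domain here, if it differs from FQDN minus hostname
Domain = example.com
[Translation]
Method = sss
"""
NFSIDMAP_L = """\
3 .id_resolver keys found:
  uid:root@localhost
  uid:gweatherby@localhost
  gid:wheel@localhost
"""

# Name-to-id keys look like "uid:name@domain" or "gid:name@domain".
KEY_RE = re.compile(r"^\s*(uid|gid):(\S+)\s*$")


def configured_domain(conf_text):
    """Return Domain from the [General] section, or None if it is unset."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    for section in cp.sections():
        if section.lower() == "general":
            return cp[section].get("domain")
    return None


def mismatched_keys(conf_text, keyring_text):
    """Return (type, name, domain) for cached keys outside the configured domain."""
    domain = configured_domain(conf_text)
    if domain is None:
        raise ValueError("no Domain set in [General]")
    bad = []
    for line in keyring_text.splitlines():
        m = KEY_RE.match(line)
        if not m:
            continue  # header line, or a key type this check does not cover
        name, sep, key_domain = m.group(2).rpartition("@")
        if not sep:
            continue  # bare name: there is no domain to compare
        # Assumption: domains compare case-insensitively, like DNS names.
        if key_domain.lower() != domain.lower():
            bad.append((m.group(1), name, key_domain))
    return bad
```

On a live client the two strings would come from the idmapd config file and from the output of nfsidmap -l.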