Package: nfs-kernel-server Version: 1.0.10-6+etch.1 Severity: Wishlist Hi,
The NFS protocol cannot transfer more than 16 groups which a user is member of. so when you have some directories that you can only access as member of a special group and you are in more than 16 groups, then access to that directories will not be granted. This is extremly hard to debug. I had this problem myself for several years now and worked around it by running applications by ssh -X on servers instead of on clients. The last days i wrote several debugging programs and finally found out, that depending on the amount of groups i am in, access will be granted or not. then suddenly i found information on the internet. there users said they also had such problems for years. some even claim "they switched back to windows" :-) The problem here definitly is that there is no information. you don't even find anything in nfs manpages or in configuration files. i think it is pretty common to be member of more than 16 groups today. It should be noted, that the problem exists in all versions of nfs, also in nfs4. i tested it. The only chance to get away with that problem is to add the "--manage-gids" option or "-g" to rpc.mountd. then it works - again in all nfs versions. also nfs4. I would say that option should be the default, but i found a debian bug report saying that then mac os x hangs on mounting that share. that should be checked. So my wish is: 1) the kernel (i don't know if client or server) MUST put some error message in the syslog like "nfs client: can only transfer 16 member groups. dropping some groups. expect random failures. Add --manage-gids to rpc.mountd" or so. Just a hint that there is something going wrong and what to google for! instead you are left alone without any kind of information at all. that's really bad! 2) --manage-gids should be default option 3) nfs in debian-etch should also support --manage-gids, not just in debian lenny. cya! erik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
