Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 456180 - Large groups mapped to nobody by rpc.idmapd
Summary: Large groups mapped to nobody by rpc.idmapd
Status: CLOSED DUPLICATE of bug 453804
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: nfs-utils-lib
Version: 5.2
Hardware: All
OS: Linux
Target Milestone: rc
: ---
Assignee: Steve Dickson
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2008-07-21 23:31 UTC by Paul Howarth
Modified: 2009-06-05 16:16 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2009-06-05 16:16:17 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Paul Howarth 2008-07-21 23:31:31 UTC
Description of problem:
Groups with large numbers of members are mapped by rpc.idmapd to the "nobody"
user instead of the correct group name. The problem has been discussed on the
upstream mailing list at the URL for this ticket.

Version-Release number of selected component (if applicable):

How reproducible:
Every time.


Verbosity = 9
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain =


Nobody-User = nobody
Nobody-Group = nobody

Method = nsswitch

Some group entries, output from "getent group":
Domain Admins:*:512:domadmin,phowarth,troshan,mlees,gsandom

When a client does an "ls -l" for a directory containing files owned by these
groups, the "Domain Admins" and "vpcgroup" groups are mapped to the proper
names, but the "Domain Users" and "virt" groups are mapped to "nobody", as can
be seen in the server logs:

Jul 22 00:04:41 preston rpc.idmapd[21814]:  Server: (group) id "2001" -> name
Jul 22 00:06:07 preston rpc.idmapd[21814]:  Server: (group) id "513" -> name
Jul 22 00:06:36 preston rpc.idmapd[21814]:  Server: (group) id "512" -> name
Jul 22 00:20:24 preston rpc.idmapd[21814]:  Server: (group) id "5032" -> name

This is bad news when we need to use group permissions.

According to the discussion on the upstream mailing list, the problem went away
by upgrading to libnfsidmap-0.20.

Comment 1 Brian Pontz 2009-02-10 21:19:31 UTC
Same as bug #453804

Comment 3 David Kovalsky 2009-06-05 16:16:17 UTC
Indeed a dupe. 


*** This bug has been marked as a duplicate of bug 453804 ***

Note You need to log in before you can comment on or make changes to this bug.