Dear all, I wrote recently: Seems that the mountd option --manage-gids handles the secondary groups only. I still do not quite understand why mountd (with that or another option) cannot handle the primary GID also, setting it to the GID corresponding to the UID on the server; and maybe even "squash" any UIDs in a table similar to idmap, or simply squash UIDs less than UID_MIN (squash directly, without any kernel interaction). Could you please tell me whether those are conceptually possible? Silly me, should have looked myself! Now I understand that things are not "done" in mountd, but are in the kernel: the use of those /proc/net/rpc/%s/channel things is not in the mountd binary, but in the kernel linux-source-2.6.32/net/sunrpc/svcauth_unix.c . No use setting things up in mountd, if the kernel does not bother using them. So it remains that for security, I would need NFSv4 with kerberos. Thanks for all your help, and apologies for my stubbornness. Cheers, Paul Paul Szabo psz@xxxxxxxxxxxxxxxxx http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
