Hi,
Has anyone had problems with using a netgroup name in a rw access list in an exports file? I just found bug #1287. I am using a netgroup file on the filer to define names to use in the exports file currently but I have had some problems. I am running DOT 7.0.3. It would be a real drawback if I can't use a netgroup name for rw access.
Thanks,
Kerry
When they put in that functionality we went with this across the board for our environment. We use the @netgroup for our exports for root=, rw=. We also set the nfs.netgroup.strict on which saves processing time because it then immediately checks the netgroup instead of looking for a host that = our netgroup names.
This is a big win. C-
On Thu, Mar 29, 2007 at 04:41:56PM -0700, Kerry Herschel wrote:
Hi,
Has anyone had problems with using a netgroup name in a rw access list in an exports file? I just found bug #1287. I am using a netgroup file on the filer to define names to use in the exports file currently but I have had some problems. I am running DOT 7.0.3. It would be a real drawback if I can't use a netgroup name for rw access.
Thanks,
Kerry
I am running DOT 7.0.3 on a 960 using netgroups. No problems at all.
Mike Miller General Dynamics Information Technology Michael.Miller.ctr@ustranscom.mil Michael.Miller@gdit.com
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Kerry Herschel Sent: Thursday, March 29, 2007 6:42 PM To: toasters@mathworks.com Subject: bug #1287 problems with netgroup and rw access list
Hi,
Has anyone had problems with using a netgroup name in a rw access list in an exports file? I just found bug #1287. I am using a netgroup file on the filer to define names to use in the exports file currently but I have had some problems. I am running DOT 7.0.3. It would be a real drawback if I can't use a netgroup name for rw access.
Thanks,
Kerry
I am running DOT 7.0.3 on a 960 using netgroups. No problems at all.
Mike Miller General Dynamics Information Technology Michael.Miller.ctr@ustranscom.mil Michael.Miller@gdit.com
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Kerry Herschel Sent: Thursday, March 29, 2007 6:42 PM To: toasters@mathworks.com Subject: bug #1287 problems with netgroup and rw access list
Hi,
Has anyone had problems with using a netgroup name in a rw access list in an exports file? I just found bug #1287. I am using a netgroup file on the filer to define names to use in the exports file currently but I have had some problems. I am running DOT 7.0.3. It would be a real drawback if I can't use a netgroup name for rw access.
We have found that if you edit a local /etc/netgroup file on the filer to add a new NFS client, then it takes a while for the new client be be able to mount. If you don't want to wait, then you can re-export what the new client wants to mount or you can run
exportfs -f
to flush the export cache.
Steve Losen scl@virginia.edu phone: 434-924-0640
University of Virginia ITC Unix Support
Folks,
We had MAJOR problems using exportfs -f especially during a name service outage. (major = cratered a filer)
Working with escalations at NA we found that there could be a 45 minute wait to have new root nodes show up in your netgroup. We also were told that there was no EASY way to trigger a refresh of the netgroup data. We were, however, told NOT to do an exportfs -f (which had been our standard method). Apparently I was not alone in the way I was dealing with this.
The bug and RFE for an easier way to update the netgroup for root=@netgroup is logged but not public yet.
I have a script that does several steps to force the netgroup update but I want to clear this with my escalations engineer before I publish it.
I will send out an update to this email after working with him. C-
We have found that if you edit a local /etc/netgroup file on the filer to add a new NFS client, then it takes a while for the new client be be able to mount. If you don't want to wait, then you can re-export what the new client wants to mount or you can run
exportfs -f
to flush the export cache.
Steve Losen scl@virginia.edu phone: 434-924-0640
University of Virginia ITC Unix Support
-
Chris Blackmor -
Kerry Herschel -
Miller, Michael CTR USTRANSCOM J2 -
Stephen C. Losen