The Blog of Harald

Today I finally learned how to solve the NFS UID problem on Ubuntu.

You see, NFS normally does it’s permissions by numeric UID. If the UIDs on two different machines don’t match, then NFS permission checking doesn’t work; you don’t get access to your own files, and you might get access to somebody else’s files instead!

Ubuntu, of course, has no standard UIDs, not even for system services. So my four ubuntu boxes here each have different username <> UID maps.

Enter the ugidd package, which is an RPC daemon that runs on the client. The NFS server calls this daemon when a mount request comes in, and dynamically builds a UID map between the server and the client, based on the string usernames. As a side effect, it also seems to map userids that are not assigned on the client to ‘nobody’. In this way, the nfs server can map UIDs between systems, without the administrator (that’s me!) maintaining static map files.

The one downside is that this feature requires the user-space NFS server instead of the kernel nfs server, so performance suffers a bit. I have CPU to spare, though!

Now I can use NFS between my MythTV boxes :-)