mjhjmtu

I know, there are already several questions asked (and successfully answered) about NFS4 and how it manages the user mapping. Still my problem seems to be a bit different and also after reading all the other threads, I'm still lost.

So the situation is:
I have a Synology NAS and two Raspberry Pis. Both Pis run Raspbian Stretch, the non-GUI version.
I want to use the Pis as web servers (one external and one internal only). I want to keep the web app on the NAS.

On the NAS (name CHURROS, IP 192.168.1.100)

• I created a file share,


• Added the user www-data and the group www-data


• enabled NFS (version) 4
  
  
  • with no_root_squash,
  
  
  • Read/Write access
  
  
  • for the client 192.168.1.0/24
  
  

When I check the system, all looks good:

xyz@Churros:/$ sudo cat /etc/exports
/volume1/pidata 192.168.1.0/24(rw,async,no_wdelay,crossmnt,insecure,no_root_squash,insecure_locks,sec=sys,anonuid=1025,anongid=100)

xyz@Churros:id www-data
uid=1033(www-data) gid=100(users) groups=100(users),65536(www-data)

In the next step, I created the user www-data on the Pis (or better I changed the ID of the existing www-data user to the Synology ID) and mapped the share via NFS4.

The Pis are Donut (IP 192.168.1.104) and Eclair (192.168.1.102)

pi@donut:~ $ mount | grep churr
192.168.1.100:/volume1/pidata/donut on /var/churros type nfs4 (rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.103,local_lock=none,addr=192.168.1.100)

pi@donut:~ $ id www-data
uid=1033(www-data) gid=65536(www-data) groups=65536(www-data)

and

pi@eclair:~ $ mount | grep churr
192.168.1.100:/volume1/pidata/eclair on /var/churros type nfs4 (rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.102,local_lock=none,addr=192.168.1.100)

pi@eclair:~ $ id www-data
uid=1033(www-data) gid=65536(www-data) groups=65536(www-data)

When I now access the NFS share from Donut, all is fine: I can create folders, change the owner to www-data and this is shown on Donut (the Pi) and on Churros (the NAS):

pi@donut:~ $ ll /var/churros/
....
drwxr-xr-x 4 www-data www-data 4096 Nov 4 20:08 web

and

xyz@Churros:/$ ls -l /volume1/pidata/donut/
...
drwxr-xr-x 4 www-data www-data 4096 Nov 4 20:08 web

Cool :)

However when I mount the share from Eclair, the IDs (when I create the directory as the user www-data) are somehow mapped and when I try to change the ownership of a dir, I created as root, I get the error message Invalid argument

Even more strange is that on the NAS, the directory, I created from the Pi as www-data is shown with the correct owner.

I.e.

pi@eclair:~ $ sudo -u www-data mkdir /var/churros/web

pi@eclair:~ $ ll /var/churros/
total 4
drwxrwxrwx 2 nobody 4294967294 4096 Nov 8 18:51 web

pi@eclair:~ $ sudo chown www-data:www-data /var/churros/web/
chown: changing ownership of '/var/churros/web/': Invalid argument

but

xyz@Churros:/$ ll /volume1/pidata/eclair/
...
drwxrwxrwx+ 2 www-data www-data 4096 Nov 9 05:51 web

The only difference I'm seeing are the access privileges drwxr-xr-x for the directory created by Donut and drwxrwxrwx+ for the one of Eclair.

Because of the simplicity of the NFS server configuration, the broad client definition 192.168.1.0/24 and because the mapping from Donut is working, I don't believe the issue is created by the server but by the client.

But based on my understanding both Pis are configured identical but behave differently.

• What did I miss?


• Why is the UID shown differently on Eclair(Pi) and Churros(NAS)?


• Why do I get the weird error message?

Many thanks!