This solution fails at the moment I start using rsync to sync
directories to the Synology. Update when I find out where that goes wrong.
I am now using a synology for storage in the home network. Linux clients use
NFS to access the Synology, and nowadays the default NFS version is version 4,
which does things quite differently from version 3. NFS version 4 is
to use user names with NFS domain names and rpc.idmapd
instead of numeric user and group IDs.
After serious debugging I found out NFSv4 with the synology doesn't use names
as I expected. I kept looking at nfs client settings but eventually I used
tcpdump, wireshark and tshark to find out owner names aren't used at all.
Numerical UIDs are used as text in the NFSv4 answers, even for files that have
an owner that is known in the synology. As if the
is never set for the NFS server.
I confirmed this with capturing the NFS traffic with tcpdump
analyzing the pcap files with wireshark
. I indeed
reco_attr: Owner (36)
A lot of google searching confirms this, including
anyone have nfsv4 actually working? - Synology Forum
. The next step is to adjust the
idmapping in the running kernel on the synology, using:
# echo N > /sys/module/nfsd/parameters/nfs4_disable_idmapping
Now I indeed see the right strings in the NFSv4 traffic, but the idmapd
on the client doesn't translate for some reason. Fixing the
The next step is to make this change permanent on the synology. Adding a
does the trick. This I learned from reading the startup file
which loads the kernel modules.
And now I see the right data in the NFS traffic:
reco_attr: Owner (36)
And the user mapping works. On an older system I have UID 501, on the synology
I have UID 1026 and on a new system I have UID 1000, and I'm owner of the
I later gave up on getting this working completely. On write actions there are
always problems with trust. The 'solution' was to allow the nfs4 idmapping with
numeric UIDs everywhere and synchronize UIDs on all systems. This returns NFS
to version 3 sec=sys security levels but to get it working completely correct
with NFSv4 needs some sort of security and trust setup that's too much work