Fix identity mapping problems
If your VOB policies and/or rolemaps use identities that do not map correctly over NFSv4 to identities known on the filer, you may encounter errors when changing policies or rolemaps or manipulating elements.
The errors may look like the following in the vob_log
file:
2012-09-19T11:36:02-04:00 vob_server(7960): Error: unable to set file system ACL for path 's/sdft/31/f/0-97a52b41027011e2880600018c70c92b-d8': Permission denied
2012-09-19T11:36:02-04:00 vob_server(7960): Error: Unable to chmod container /nfs4-qntap102/stg/qvm402.vobs/sourcevob3.vbs/s/sdft/31/f/0-97a52b41027011e2880600018c70c92b-d8: Permission denied
or like this in a dynamic
view:
fetch cleartext view=st1view vob=/tmp/sourcevob3 dbid=0x38 - Permission denied
cat: cannot open foo.txt
To fix this problem,
- Examine the rolemaps, policies, and effective ACLs to find the identities that cannot be mapped to the NFS V4 filer, and remove them from the policy or rolemap.
- Check the owner and group on an element to ensure that the account and group can be mapped to the NFS V4 filer. If the element's owner and group are unknown, use cleartool protect to protect the element with a known owner and group.