/* Void Main's man pages */
{ phpMan } else { main(); }
nfsidmap(5) nfsidmap(5)
NAME
nfsidmap - The NFS idmapper upcall program
DESCRIPTION
The file /usr/sbin/nfsidmap is used by the NFS idmapper to translate user and group ids into names, and to translate user
and group names into ids. Idmapper uses request-key to perform the upcall and cache the result. /usr/sbin/nfsidmap
should only be called by request-key, and will perform the translation and initialize a key with the resulting informa-
tion.
NFS_USE_NEW_IDMAPPER must be selected when configuring the kernel to use this feature.
CONFIGURING
The file /etc/request-key.conf will need to be modified so /sbin/request-key can properly direct the upcall. The follow-
ing line should be added before a call to keyctl negate:
create nfs_idmap * * /usr/sbin/nfsidmap %k %d 600
This will direct all nfs_idmap requests to the program /usr/sbin/nfsidmap The last parameter, 600, defines how many sec-
onds into the future the key will expire. This is an optional parameter for /usr/sbin/nfsidmap and will default to 600
seconds when not specified.
The idmapper system uses four key descriptions:
uid: Find the UID for the given user
gid: Find the GID for the given group
user: Find the user name for the given UID
group: Find the group name for the given GID
You can choose to handle any of these individually, rather than using the generic upcall program. If you would like to
use your own program for a uid lookup then you would edit your request-key.conf so it looks similar to this:
create nfs_idmap uid:* * /some/other/program %k %d 600
create nfs_idmap * * /usr/sbin/nfsidmap %k %d 600
Notice that the new line was added above the line for the generic program. request-key will find the first matching line
and run the corresponding program. In this case, /some/other/program will handle all uid lookups, and /usr/sbin/nfsidmap
will handle gid, user, and group lookups.
AUTHOR
Bryan Schumaker, <bjschumaATnetapp.com>
1 October 2010 nfsidmap(5)
