Provided by: nfs-common_1.2.5-3ubuntu3_amd64 bug


       nfsidmap - The NFS idmapper upcall program


       The  file  /usr/sbin/nfsidmap  is used by the NFS idmapper to translate user and group ids
       into names, and to translate user and group names into ids. Idmapper uses  request-key  to
       perform  the  upcall  and  cache  the result.  /usr/sbin/nfsidmap should only be called by
       request-key, and will perform the translation and initialize  a  key  with  the  resulting

       NFS_USE_NEW_IDMAPPER must be selected when configuring the kernel to use this feature.


       The  file /etc/request-key.conf will need to be modified so /sbin/request-key can properly
       direct the upcall. The following line should be added before a call to keyctl negate:

       create    id_resolver    *    *    /usr/sbin/nfsidmap %k %d 600

       This will direct all id_resolver requests  to  the  program  /usr/sbin/nfsidmap  The  last
       parameter,  600, defines how many seconds into the future the key will expire.  This is an
       optional parameter for /usr/sbin/nfsidmap  and  will  default  to  600  seconds  when  not

       The idmapper system uses four key descriptions:

              uid: Find the UID for the given user
              gid: Find the GID for the given group
             user: Find the user name for the given UID
            group: Find the group name for the given GID

       You  can  choose to handle any of these individually, rather than using the generic upcall
       program.  If you would like to use your own program for a uid lookup then you  would  edit
       your request-key.conf so it looks similar to this:

       create    id_resolver    uid:*     *    /some/other/program %k %d 600
       create    id_resolver    *         *    /usr/sbin/nfsidmap %k %d 600

       Notice  that  the  new line was added above the line for the generic program.  request-key
       will find the first matching line and  run  the  corresponding  program.   In  this  case,
       /some/other/program  will  handle all uid lookups, and /usr/sbin/nfsidmap will handle gid,
       user, and group lookups.


       Bryan Schumaker, <>

                                          1 October 2010                              nfsidmap(5)