Provided by: nfs-common_1.2.5-3ubuntu3_i386 bug


       nfsidmap - The NFS idmapper upcall program


       The  file  /usr/sbin/nfsidmap  is used by the NFS idmapper to translate
       user and group ids into names, and to translate user  and  group  names
       into ids. Idmapper uses request-key to perform the upcall and cache the
       result.  /usr/sbin/nfsidmap should only be called by  request-key,  and
       will  perform  the  translation and initialize a key with the resulting

       NFS_USE_NEW_IDMAPPER must be selected when configuring  the  kernel  to
       use this feature.


       The   file   /etc/request-key.conf   will   need   to  be  modified  so
       /sbin/request-key can properly direct the upcall.  The  following  line
       should be added before a call to keyctl negate:

       create    id_resolver    *    *    /usr/sbin/nfsidmap %k %d 600

       This   will   direct   all   id_resolver   requests   to   the  program
       /usr/sbin/nfsidmap The last parameter, 600, defines  how  many  seconds
       into the future the key will expire.  This is an optional parameter for
       /usr/sbin/nfsidmap and will default to 600 seconds when not specified.

       The idmapper system uses four key descriptions:

              uid: Find the UID for the given user
              gid: Find the GID for the given group
             user: Find the user name for the given UID
            group: Find the group name for the given GID

       You can choose to handle any of these individually, rather  than  using
       the  generic upcall program.  If you would like to use your own program
       for a uid lookup then you would edit your request-key.conf so it  looks
       similar to this:

       create    id_resolver    uid:*     *    /some/other/program %k %d 600
       create    id_resolver    *         *    /usr/sbin/nfsidmap %k %d 600

       Notice  that  the  new  line  was  added above the line for the generic
       program.  request-key will find the first matching  line  and  run  the
       corresponding  program.   In this case, /some/other/program will handle
       all uid lookups, and /usr/sbin/nfsidmap  will  handle  gid,  user,  and
       group lookups.


       Bryan Schumaker, <>

                                1 October 2010                     nfsidmap(5)