The  file  /usr/sbin/nfsidmap  is used by the NFS idmapper to translate
       user and group ids into names, and to translate user  and  group  names
       into ids. Idmapper uses request-key to perform the upcall and cache the
       result.  /usr/sbin/nfsidmap should only be called by  request-key,  and
       will  perform  the  translation and initialize a key with the resulting

       NFS_USE_NEW_IDMAPPER must be selected when configuring  the  kernel  to
       use this feature.

       The   file   /etc/request-key.conf   will   need   to  be  modified  so
       /sbin/request-key can properly direct the upcall.  The  following  line
       should be added before a call to keyctl negate:

       create    id_resolver    *    *    /usr/sbin/nfsidmap %k %d 600

       This   will   direct   all   id_resolver   requests   to   the  program
       /usr/sbin/nfsidmap The last parameter, 600, defines  how  many  seconds
       into the future the key will expire.  This is an optional parameter for
       /usr/sbin/nfsidmap and will default to 600 seconds when not specified.

       The idmapper system uses four key descriptions:

              uid: Find the UID for the given user
              gid: Find the GID for the given group
             user: Find the user name for the given UID
            group: Find the group name for the given GID

       You can choose to handle any of these individually, rather  than  using
       the  generic upcall program.  If you would like to use your own program
       for a uid lookup then you would edit your request-key.conf so it  looks
       similar to this:

       create    id_resolver    uid:*     *    /some/other/program %k %d 600
       create    id_resolver    *         *    /usr/sbin/nfsidmap %k %d 600

       Notice  that the new line was added above the line for the generic pro-
       gram.  request-key will find the first matching line and run the corre-
       sponding  program.   In  this case, /some/other/program will handle all
       uid lookups, and /usr/sbin/nfsidmap will handle gid,  user,  and  group

       Bryan Schumaker, <>

                                1 October 2010                     nfsidmap(5)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2017 Hurricane Electric. All Rights Reserved.