From: Steve Dickson <steved@redhat.com>
To: Linux NFS Mailing list <linux-nfs@vger.kernel.org>
Subject: [RFC PATCH 3/3] nfs-utils: Update rpc.idmap and nfsidmap man pages
Date: Thu, 18 Aug 2016 14:37:15 -0400 [thread overview]
Message-ID: <1471545435-15543-3-git-send-email-steved@redhat.com> (raw)
In-Reply-To: <1471545435-15543-1-git-send-email-steved@redhat.com>
Describe how the NFSv4 domain name can be
now be found using the _nfsv4idmapdomain DNS
TXT record
Signed-off-by: Steve Dickson <steved@redhat.com>
---
utils/idmapd/idmapd.man | 23 +++++++++++++++++++++++
utils/nfsidmap/nfsidmap.man | 9 +++++++++
2 files changed, 32 insertions(+)
diff --git a/utils/idmapd/idmapd.man b/utils/idmapd/idmapd.man
index b9200c7..d4ab894 100644
--- a/utils/idmapd/idmapd.man
+++ b/utils/idmapd/idmapd.man
@@ -23,6 +23,29 @@ is the NFSv4 ID <-> name mapping daemon. It provides functionality to
the NFSv4 kernel client and server, to which it communicates via
upcalls, by translating user and group IDs to names, and vice versa.
.Pp
+The system derives the
+.I user
+part of the string by performing a password or group lookup.
+The lookup mechanism is configured in
+.Pa /etc/idmapd.conf
+.Pp
+By default, the
+.I domain
+part of the string is the system's DNS domain name.
+It can also be specified in
+.Pa /etc/idmapd.conf
+if the system is multi-homed,
+or if the system's DNS domain name does
+not match the name of the system's Kerberos realm.
+.Pp
+When the domain is not specified in /etc/idmapd.conf
+the local DNS server will be queried for the
+.Sy _nfsv4idmapdomain
+text record. If the record exists
+that will be used as the domain. When the record
+does not exist, the domain part of the DNS domain
+will used.
+.Pp
Note that on more recent kernels only the NFSv4 server uses
.Nm .
The NFSv4 client instead uses
diff --git a/utils/nfsidmap/nfsidmap.man b/utils/nfsidmap/nfsidmap.man
index 2f17cf2..2af16f3 100644
--- a/utils/nfsidmap/nfsidmap.man
+++ b/utils/nfsidmap/nfsidmap.man
@@ -39,6 +39,15 @@ if the system is multi-homed,
or if the system's DNS domain name does
not match the name of the system's Kerberos realm.
.PP
+When the domain is not specified in
+.I /etc/idmapd.conf
+the local DNS server will be queried for the
+.I _nfsv4idmapdomain
+text record. If the record exists
+that will be used as the domain. When the record
+does not exist, the domain part of the DNS domain
+will used.
+.PP
The
.I /usr/sbin/nfsidmap
program performs translations on behalf of the kernel.
--
2.7.4
next prev parent reply other threads:[~2016-08-19 1:43 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-18 18:37 [RFC PATCH 1/3] libnfsidmap: Query DNS for the the NFSv4 domain Steve Dickson
2016-08-18 18:37 ` [RFC PATCH 2/3] configure.ac: Ensure the resolver library is installed Steve Dickson
2016-08-20 14:55 ` Steve Dickson
2016-08-18 18:37 ` Steve Dickson [this message]
2016-08-20 14:55 ` [RFC PATCH 3/3] nfs-utils: Update rpc.idmap and nfsidmap man pages Steve Dickson
2016-08-19 20:56 ` [RFC PATCH 1/3] libnfsidmap: Query DNS for the the NFSv4 domain Chuck Lever
2016-08-20 14:54 ` Steve Dickson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1471545435-15543-3-git-send-email-steved@redhat.com \
--to=steved@redhat.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).