On 08/18/2016 02:37 PM, Steve Dickson wrote: > Describe how the NFSv4 domain name can be > now be found using the _nfsv4idmapdomain DNS > TXT record > > Signed-off-by: Steve Dickson <steved@xxxxxxxxxx> Committed... steved. > --- > utils/idmapd/idmapd.man | 23 +++++++++++++++++++++++ > utils/nfsidmap/nfsidmap.man | 9 +++++++++ > 2 files changed, 32 insertions(+) > > diff --git a/utils/idmapd/idmapd.man b/utils/idmapd/idmapd.man > index b9200c7..d4ab894 100644 > --- a/utils/idmapd/idmapd.man > +++ b/utils/idmapd/idmapd.man > @@ -23,6 +23,29 @@ is the NFSv4 ID <-> name mapping daemon. It provides functionality to > the NFSv4 kernel client and server, to which it communicates via > upcalls, by translating user and group IDs to names, and vice versa. > .Pp > +The system derives the > +.I user > +part of the string by performing a password or group lookup. > +The lookup mechanism is configured in > +.Pa /etc/idmapd.conf > +.Pp > +By default, the > +.I domain > +part of the string is the system's DNS domain name. > +It can also be specified in > +.Pa /etc/idmapd.conf > +if the system is multi-homed, > +or if the system's DNS domain name does > +not match the name of the system's Kerberos realm. > +.Pp > +When the domain is not specified in /etc/idmapd.conf > +the local DNS server will be queried for the > +.Sy _nfsv4idmapdomain > +text record. If the record exists > +that will be used as the domain. When the record > +does not exist, the domain part of the DNS domain > +will used. > +.Pp > Note that on more recent kernels only the NFSv4 server uses > .Nm . > The NFSv4 client instead uses > diff --git a/utils/nfsidmap/nfsidmap.man b/utils/nfsidmap/nfsidmap.man > index 2f17cf2..2af16f3 100644 > --- a/utils/nfsidmap/nfsidmap.man > +++ b/utils/nfsidmap/nfsidmap.man > @@ -39,6 +39,15 @@ if the system is multi-homed, > or if the system's DNS domain name does > not match the name of the system's Kerberos realm. > .PP > +When the domain is not specified in > +.I /etc/idmapd.conf > +the local DNS server will be queried for the > +.I _nfsv4idmapdomain > +text record. If the record exists > +that will be used as the domain. When the record > +does not exist, the domain part of the DNS domain > +will used. > +.PP > The > .I /usr/sbin/nfsidmap > program performs translations on behalf of the kernel. > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
