What does "mapping=identity" mean in /etc/exports?
Bill Davidsen
davidsen at tmr.com
Wed Feb 20 17:08:39 UTC 2013
Greg Scott wrote:
> Hello -
>
> I'm migrating an old NFS server to newer hardware. /etc/exports in the old environment looks like this:
>
> /shares/IMSHCS01 *(rw,insecure,sync,no_root_squash,all_squash,mapping=identity,anonuid=0,anongid=0
>
> So the old system is exporting the directory, /shares/IMSHCS01 to anyone and everyone who wants to connect, with a bunch of switches essentially making it wide open.
>
> Wonderful.
>
> But on the new system, when I set up /etc/exports the same way, I get this error:
>
> [root at nfs2013 etc]# exportfs -av
> exportfs: /etc/exports:1: unknown keyword "mapping=identity"
>
> [root at nfs2013 etc]#
>
> Getting rid of "mapping=identity", my shared directory exports just fine.
>
> I can find no mention of "mapping=identity" in any man pages, but several google references show this option in pasted-in copies of /etc/exports files. My hunch is, this is an obsolete option and no longer supported - but what did it do in case my new server needs to behave the same way the old server behaved?
>
I believe this is some arcane invocation of idmapd functionality. Going back to
SunOS memories, it took the user name (or perhaps number) as trusted and allowed
you to access things if your usernum was the same on the client. Understand that
Solaris replaced SunOS about 20 years ago, and don't put full faith in my memory.
In any case, if you have the same UID on all machines you will probably be fine,
but otherwise you will have to build a config file and run idmapd. The
documentation sucks, it isn't you, but "man idmapd" will get you started.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the users
mailing list