idmapd Command in Linux
idmapd in Linux is a daemon that is used in the NFSv4 (Network Filesystem version 4) environment to map user and group IDs (UIDs and GIDs) to names and vice versa. The idmapd daemon interacts with the NFSv4 kernel server or client through upcalls to perform ID-to-name translation.
By default, idmapd uses the system's DNS domain name to identify users. However, this can be customized in the /etc/idmapd.conf file. Note that in the more recent kernels, only the NFSv4 server uses idmapd (also denoted as rpc.idmapd), while the NFSv4 client uses nfsidmap. If there's an issue with nfsidmap, it falls back to idmapd.
Table of Contents
Here is a comprehensive guide to the options available with the idmapd command −
- Prerequisites to Use idmapd Command
- Configuration of idmapd in Linux
- Syntax of idmapd Command
- Options of idmapd Command
- Examples of idmapd Command in Linux
Prerequisites to Use idmapd Command
To use the idmapd daemon on Linux, it must be installed. To verify whether it is installed or not, use the command mentioned below −
which rpc.idmapd
If it does not show any output, that means the idmapd service is not installed and configured. Before configuration, it must be installed. The rpc.idmapd is a part of the nfs-common package. To install it on Ubuntu, Kali Linux, Debian, and Debian-based distributions use the command given below −
sudo apt-get install nfs-common
To install it on Arch Linux, use −
sudo pacman -S nfs-utils
To install it on Fedora, use the command given below −
sudo dnf install nfs-utils-1
Configuration of idmapd Command in Linux
The idmapd daemon can be configured by modifying its configuration file. The idmapd configuration file is idmapd.conf, which is in the /etc directory. Sudo privileges are required for accessing and modifying the configuration file.
First of all, open the file using any editor −
sudo nano /etc/idmapd.conf
The configuration file has two sections defined in square brackets, [General] and [Mapping]. In the [General] section specify the domain name against the Domain directive. This should match across all clients and the server to ensure proper mapping.
The [Mapping] section contains two directives: Nobody-user and Nobody-group. The Nobody-user is used to specify the user when no valid UID can be mapped. Similarly, Nobody-group is used to specify the group name when the group is not mapped to a valid GID.
After making the changes, save the file and exit the editor.
Now, restart the service to apply the changes, using the following command −
sudo systemctl restart nfs-idmapd
Now, check the daemon status −
sudo systemctl status nfs-idmapd
Next, ensure the pipefs file location is mentioned in the /etc/nfs.conf file. The pipefs is a virtual file system in Linux used for inter-process communication. It is used by the kernel to facilitate communication between the user space and kernel space, especially for services like NFS (Network File System).
Open the file in any editor −
sudo nano /etc/nfs.conf
Check and verify the pipefs file location in the [General] section as shown in the following image −
Syntax of idmapd Command
The syntax of the Linux idmapd command is as follows −
rpc.idmapd [options]
The [options] in the syntax field is used to specify the various options to change the command's behavior.
Options of idmapd Command
The options of idmapd daemon are listed below −
| Options | Description |
|---|---|
| -h | To display the usage message |
| -v | To increase the verbosity level (It can be specified multiple times) |
| -f | To run the rpc.idmapd in the foreground and display the output |
| -p path | To specify the locations of RPC pipefs (The default is /var/lib/nfs/rpc_pipefs) |
| -c path | To specify the location of configuration file (deprecated) |
| -C | Client-only mode, no ID mapping is done for the NFS server |
| -S | Server-only mode, no ID mapping is done for the NFS client |
Examples of idmapd Command in Linux
This section demonstrates the usage of the idmapd daemon in Linux −
Displaying the Usage Message
To display the usage message, use the -h option with the rpc.idmapd command −
rpc.idmapd -h
Running idmapd Daemon in the Foreground
To run the rpc.idmapd daemon in the foreground, use the -f option −
rpc.idmapd -f
The output indicates that the log level is set to zero. It can be modified by increasing the verbosity level.
Running idmapd Daemon in the Foreground with Verbose Levels
To run the rpc.idmapd daemon in the foreground, use the -f and -v options −
sudo rpc.idmapd -f -v
It can be seen in the output that the log level is now 1.
The -v option can be specified multiple times to increase the verbosity level. For example, to increase the verbosity level to 3, use -vvv −
sudo rpc.idmapd -f -vvv
Specifying the pipefs Location
The default location of pipefs is /var/lib/nfs/rpc_pipefs. However, to specify a custom location, use the -p option with the path.
sudo rpc.idmapd -p /etc/myFolder/rpc_pipefs
Conclusion
The idmapd or rpc.idmapd is a daemon in Linux that maps the user and group IDs to names and vice versa. It is primarily used in NFS environments. NFS is a file-sharing system over a network. Before using it, it must be properly configured.
In this tutorial, we explained the idmapd daemon installation, configuration, options, and usage in Linux with examples.