|
Packit |
5f9837 |
==========
|
|
Packit |
5f9837 |
cifs.idmap
|
|
Packit |
5f9837 |
==========
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
-----------------------------------------------------------------------
|
|
Packit |
5f9837 |
Userspace helper for mapping ids for Common Internet File System (CIFS)
|
|
Packit |
5f9837 |
-----------------------------------------------------------------------
|
|
Packit |
5f9837 |
:Manual section: 8
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
********
|
|
Packit |
5f9837 |
SYNOPSIS
|
|
Packit |
5f9837 |
********
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
cifs.idmap [--help|-h] [--timeout|-t] [--version|-v] {keyid}
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
***********
|
|
Packit |
5f9837 |
DESCRIPTION
|
|
Packit |
5f9837 |
***********
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
This tool is part of the cifs-utils suite.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
\ **cifs.idmap**\ is a userspace helper program for the linux CIFS client
|
|
Packit |
5f9837 |
filesystem. There are a number of activities that the kernel cannot
|
|
Packit |
5f9837 |
easily do itself. This program is a callout program that does these
|
|
Packit |
5f9837 |
things for the kernel and then returns the result.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
\ **cifs.idmap**\ is generally intended to be run when the kernel calls
|
|
Packit |
5f9837 |
request-key(8) for a particular key type. While it can be run
|
|
Packit |
5f9837 |
directly from the command-line, it is not generally intended to be run
|
|
Packit |
5f9837 |
that way.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
This program is only called if a share is mounted with the \ **cifsacl**\
|
|
Packit |
5f9837 |
mount option. The kernel will only upcall to do this conversion if
|
|
Packit |
5f9837 |
that mount option is specified.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
\ **cifs.idmap**\ relies on a plugin to handle the ID mapping. If it can't
|
|
Packit |
5f9837 |
find the plugin then it will not work properly. The plugin (or a
|
|
Packit |
5f9837 |
symlink to it) must be at @pluginpath@.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
In the case where \ **cifs.idmap**\ or the plugin are unavailable, file
|
|
Packit |
5f9837 |
objects in a mounted share are assigned uid and gid of the credentials
|
|
Packit |
5f9837 |
of the process that mounted the share. It is strongly recomemended to
|
|
Packit |
5f9837 |
use mount options of uid and gid to specify a default uid and gid to
|
|
Packit |
5f9837 |
map owner SIDs and group SIDs in this situation.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
*******
|
|
Packit |
5f9837 |
OPTIONS
|
|
Packit |
5f9837 |
*******
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
\ **--help|-h**\
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
Print the usage message and exit.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
\ **--timeout|-t**\
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
Set the expiration timer, in seconds on the key. The default is 600
|
|
Packit |
5f9837 |
seconds (10 minutes). Setting this to 0 will cause the key to never
|
|
Packit |
5f9837 |
expire.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
\ **--version|-v**\
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
Print version number and exit.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
************************
|
|
Packit |
5f9837 |
CONFIGURATION FOR KEYCTL
|
|
Packit |
5f9837 |
************************
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
\ **cifs.idmap**\ is designed to be called from the kernel via the
|
|
Packit |
5f9837 |
request-key callout program. This requires that request-key be told
|
|
Packit |
5f9837 |
where and how to call this program. Currently \ **cifs.idmap**\ handles a
|
|
Packit |
5f9837 |
key type of:
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
\ **cifs.idmap**\
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
This keytype is for mapping a SID to either an uid or a gid
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
To make this program useful for CIFS, you will need to set up entry for it in
|
|
Packit |
5f9837 |
request-key.conf(5). Here is an example of an entry for this key type:
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
.. code-block:: perl
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#OPERATION TYPE D C PROGRAM ARG1 ARG2...
|
|
Packit |
5f9837 |
#========= ============= = = ================================
|
|
Packit |
5f9837 |
create cifs.idmap * * @sbindir@/cifs.idmap %k
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
See request-key.conf(5) for more info on each field.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
*****
|
|
Packit |
5f9837 |
NOTES
|
|
Packit |
5f9837 |
*****
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
Support for upcalls to cifs.idmap was initially introduced in the 3.0
|
|
Packit |
5f9837 |
kernel.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
********
|
|
Packit |
5f9837 |
SEE ALSO
|
|
Packit |
5f9837 |
********
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
request-key.conf(5), mount.cifs(8)
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
******
|
|
Packit |
5f9837 |
AUTHOR
|
|
Packit |
5f9837 |
******
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
Shirish Pargaonkar wrote the cifs.idmap program.
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
The Linux CIFS Mailing list is the preferred place to ask questions
|
|
Packit |
5f9837 |
regarding these programs.
|
|
Packit |
5f9837 |
|