idload(1M) MISC. REFERENCE MANUAL PAGES idload(1M)
NAME
idload - Remote File Sharing user and group mapping
SYNOPSIS
idload [-n] [-g g_rules] [-u u_rules] [directory]
idload -k
DESCRIPTION
idload is used on Remote File Sharing server machines to
build translation tables for user and group ids. It takes
your /etc/passwd and /etc/group files and produces transla-
tion tables for user and group ids from remote machines,
according to the rules set down in the u_rules and g_rules
files. If you are mapping by user and group name, you will
need copies of remote /etc/passwd and /etc/group files. If
no rules files are specified, remote user and group ids are
mapped to MAXUID+1 (this is an id number that is one higher
than the highest number you could assign on your system.)
By default, the remote password and group files are assumed
to reside in /etc/dfs/rfs/auth.info/domain/nodename/[passwd|
group]. The directory argument indicates that some direc-
tory structure other than /etc/dfs/rfs/auth.info contains
the domain/nodename passwd and group files. (nodename is
the name of the computer the files are from and domain is
the domain that computer is a member of.) You must run
idload to put the mapping into place. Global mapping will
take effect immediately for machines that have one of your
resources currently mounted. Mapping for other specific
machines will take effect when each machine mounts one of
your resources.
-n This is used to do a trial run of the id mapping. No
translation table will be produced, however, a
display of the mapping is output to the terminal
(stdout).
-k This is used to print the idmapping that is currently
in use. (Specific mapping for remote machines will
not be shown until that machine mounts one of your
resources.)
-u u_rules
The u_rules file contains the rules for user id
translation. The default rules file is
/etc/dfs/rfs/auth.info/uid.rules.
-g g_rules
The g_rules file contains the rules for group id
translation. The default rules file is
/etc/dfs/rfs/auth.info/gid.rules. This command is
restricted to the super-user.
Last change: Remote File Sharing Utilities 1
idload(1M) MISC. REFERENCE MANUAL PAGES idload(1M)
Rules
The rules files have two types of sections (both optional):
global and host. There can be only one global section,
though there can be one host section for each computer you
want to map. The global section describes the default con-
ditions for translation for any machines that are not expli-
citly referenced in a host section. If the global section
is missing, the default action is to map all remote user and
group ids from
undefined computers to MAXUID+1. The syntax of the first
line of the global section is:
global A host section is used for each machine or group
of machines that you want to map differently from the
global definitions. The syntax of the first line of
each host section is:
host name ... where name is replaced by the full name
of a computer (domain.nodename). The format of a rules
file is described below. (All lines are optional, but
must appear in the order shown.)
global
default local | transparent
exclude remote_id-remote_id | remote_id
map remote_id:local
host domain.nodename [domain.nodename...]
default local | transparent
exclude remote_id-remote_id | remote_id | remote_name
map remote:local | remote | all
Each of these instruction types is described below.
The line
default local | transparent defines the mode of mapping
for remote users that are not specifically mapped in
instructions in other lines. transparent means that
each remote user and group id will have the same
numeric value locally unless it appears in the exclude
instruction. local can be replaced by a local user
name or id to map all users into a particular local
name or id number. If the default line is omitted, all
users that are not specifically mapped are mapped into
a "special guest" login id. The line
exclude remote_id-remote_id | remote_id | remote_name
defines remote ids that will be excluded from the
default mapping. The exclude instruction must precede
any map instructions in a block. You can use a range
of id numbers, a single id number, or a single name.
(remote_name cannot be used in a global block.) The
Last change: Remote File Sharing Utilities 2
idload(1M) MISC. REFERENCE MANUAL PAGES idload(1M)
line
map remote:local | remote | all defines the local ids
and names that remote ids and names will be mapped
into. remote is either a remote id number or remote
name; local is either a local id number or local name.
Placing a colon between a remote and a local will give
the value on the left the permissions of the value on
the right. A single remote name or id will assign the
user or group permissions of the same local name or id.
all is a predefined alias for the set of all user and
group ids found in the local /etc/passwd and /etc/group
files. (You cannot map by remote name in
global blocks.) Note: idload will always output warn-
ing messages for map all, since password files always
contain multiple administrative user names with the
same id number. The first mapping attempt on the id
number will succeed, each subsequent attempts will pro-
duce a warning. Remote File Sharing doesn't need to be
running to use idload.
EXIT STATUS
On successful completion, idload will produce one or more
translation tables and return a successful exit status. If
idload fails, the command will return an exit status of zero
and not produce a translation table.
ERRORS
If (1) either rules file cannot be found or opened, (2)
there are syntax errors in the rules file, (3) there are
semantic errors in the rules file, (4) host password or
group information could not be found, or (5) the command is
not run with super-user privileges, an error message will be
sent to standard error. Partial failures will cause a warn-
ing message to appear, though the process will continue.
FILES
/etc/passwd
/etc/group
/etc/rfs/auth.info/domain/nodename/[user| group]
/etc/rfs/auth.info/uid.rules
/etc/rfs/auth.info/gid.rules
SEE ALSO
mount(1M).
"Remote File Sharing" chapter of the System Administrator's
Guide for detailed information on ID mapping.
Last change: Remote File Sharing Utilities 3