NFS4: what effects changes to /etc/idmapd.conf?

We have been wrestling with the problem where our NFS4 mount on our RHEL 6.3 clients show file ownership as "nobody", and where we see "nss_getpwnam: name 'blah' does not map into domain 'localdomain'" in /var/log/messages. We know that the fix is to ensure that the Domain in the /etc/idmapd.conf file on the server matches the domain on the clients. The question is this:

If we fix the domain on the clients, we need to reboot them in order to see it work. No amount of restarting nscd, nfs, rpcbind, rpcgssd, rpcidmapd, or rpcsvcgssd will enable the fix. Nor will those work in concert with a umount/mount of the partition. As a matter of fact, after we fixed our issue and rebooted the client, we shut down rpcidmapd and correct name mapping still took place on the machine.

Why do we need to reboot the machine to enable the idmapd.conf change to the domain? Is the kernel holding onto something? Thanks.


Solution 1:

The kernel does a up-calls to idmapd daemon to get the mapping. As this is quite expensive operation, the results are cached. To clean the cache run:

# nfsidmap -c

The command available in RHEL6.3 ( and clones ) and part of the nfs-utils package.