Re: [cifs-discuss] Idmap problem with ephemeral id in cache?

Thu, 19 Mar 2009 09:40:23 -0700 

This is CR 6807651 "rule changes do not flush cache".
Also relevant is CR 6650858 "cache flush sub-command could be useful".
For some rule changes (like the one in the CR, where I had a rule, established a cached mapping, and then removed the rule), I believe the cache entry will time out after a while (10 minutes?) and all will be well.
However, in your case I don't think the cache entry ever times out. The intent is that an ephemeral ID, once assigned, lasts until the system is rebooted. 

Workaround:  You can reset the cache by:
        # rm /var/run/idmap/idmap.db
        # svcadm restart idmap
The downside to this is that any existing ephemeral mappings are lost. That is, users without any other explicit mapping will get new ephemeral user IDs. Mostly that should not be a problem; in theory it could be a minor problem if there was file activity involving those users going on at the time. 

Kenneth Berland wrote:

I'm configuring cifs with active directory.

-bash-3.2# smbadm list
security mode: domain
domain name: HCSFLAWFIRM

Initially, i used the default ephemeral mapping and mounted the share with a 
windows client.  I can see the map and confirmed the created files matched that 
id.  Now I want to map all winusers to a single unixuser and unixgroup, so I 
added two rules:

-bash-3.2# idmap list
add -d  winuser:*[email protected]        unixuser:hero
add -d  wingroup:*[email protected]       unixgroup:staff

I have not rebooted.  The problem is that the previously emphemerally mapped 
users won't obey the new rule.  Must I reboot?  Is there another way to purge 
the idmap cache?   Or have I got it all wrong?

-bash-3.2# idmap dump -n
winuser:[email protected]   ==      uid:2147483650
winuser:[email protected]   ==      uid:2147483651
wingroup:Administrators ==      gid:2147516418
gsid:S-1-5-21-3175532399-1208509113-2856896884-189793120-2147483658     ==      
unixgroup:staff
usid:S-1-5-21-3175532399-1208509113-2856896884-189793120-1101   ==      
unixuser:hero
winuser:[email protected]        ==      uid:2147483649
wingroup:Domain [email protected]   ==      gid:2147516421
wingroup:Authenticated Users    ==      gid:2147516419
wingroup:Network        ==      gid:2147516420

_______________________________________________
cifs-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss

Reply via email to