Puppet Class: nfs::idmapd::client

Defined in:
manifests/idmapd/client.pp

Summary

Manage the `idmapd` client configuration

Overview

When using ‘idmapd`, an NFSv4 client uses `nfsidmap`, directly, instead of `nfs-idmapd.service`. `nfsidmap` is configured by `/etc/idmapd.conf`, but must be hooked into `/sbin/request-key` via `/etc/request-key.conf`.

Parameters:

  • timeout (Integer[0]) (defaults to: 600)

    ‘nfsidmap` key expiration timeout in seconds

Author:



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'manifests/idmapd/client.pp', line 12

class nfs::idmapd::client(
  Integer[0] $timeout = 600
) {

  include 'nfs::idmapd::config'

  # TODO write an augeas lens
  $_key_conf = '/etc/request-key.conf'
  $_new_line = "create\tid_resolver\t*\t*\t\t/usr/sbin/nfsidmap -t ${timeout} %k %d"
  $_remove_cmd = "/usr/bin/sed -r -i '/^create[[:space:]]+id_resolver[[:space:]]/d' ${_key_conf}"
  $_insert_cmd = "/usr/bin/sed -i '/^negate/i ${_new_line}' ${_key_conf}"
  exec { 'enable_nfsidmap_request_key':
    unless  => "/usr/bin/grep -v '#' /etc/request-key.conf | grep -q 'nfsidmap -t ${timeout}'",
    command => "${_remove_cmd};${_insert_cmd}"
  }
}