mariux-5.15.86-443

When the nfsd module parameter nfs4_disable_idmapping is set, which is
the default, then a user space idmapd is not required for AUTH_UNIX.

The code used in nfsd to check whether the idmap cache and user space
daemon should be used is

    if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)

However, we've added our own security flavor AUTH_MARIUX numerically
after AUTH_GSS:

    enum rpc_auth_flavors {
        RPC_AUTH_NULL  = 0,
        RPC_AUTH_UNIX  = 1,
        RPC_AUTH_SHORT = 2,
        RPC_AUTH_DES   = 3,
        RPC_AUTH_KRB   = 4,
        RPC_AUTH_GSS   = 6,
        RPC_AUTH_TLS   = 7,
        RPC_AUTH_MARIUX = 8,
        RPC_AUTH_MAXFLAVOR = 9,
        /* pseudoflavors: */
        RPC_AUTH_GSS_KRB5  = 390003,
        RPC_AUTH_GSS_KRB5I = 390004,
        RPC_AUTH_GSS_KRB5P = 390005,
        RPC_AUTH_GSS_LKEY  = 390006,
        RPC_AUTH_GSS_LKEYI = 390007,
        RPC_AUTH_GSS_LKEYP = 390008,
        RPC_AUTH_GSS_SPKM  = 390009,
        RPC_AUTH_GSS_SPKMI = 390010,
        RPC_AUTH_GSS_SPKMP = 390011,
    };

So the check fails for AUTH_MARIUX. Although it can and should work
with numerical idents from the client, nfsd tries to use idmapd and this
fails for certain operations, because we don't start idmapd in our
environment.

Explicitly allow RPC_AUTH_MARIUX to be used without idmapd.
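
The flavor check described above, as an added example (not code from the mariux kernel tree): the quoted ordering test next to an assumed form of the fix that names RPC_AUTH_MARIUX explicitly, run over the flavor table. The function names and the shape of the patched predicate are assumptions; the flavor numbers are the ones from the enum above.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Flavor numbers copied from the enum quoted above (subset). */
enum rpc_auth_flavors {
    RPC_AUTH_NULL = 0, RPC_AUTH_UNIX = 1, RPC_AUTH_SHORT = 2,
    RPC_AUTH_DES = 3, RPC_AUTH_KRB = 4, RPC_AUTH_GSS = 6,
    RPC_AUTH_TLS = 7, RPC_AUTH_MARIUX = 8, RPC_AUTH_MAXFLAVOR = 9,
    RPC_AUTH_GSS_KRB5 = 390003,
};

/* The ordering test as quoted: true means "numeric ids, no idmapd". */
static bool numeric_ids_original(bool disable_idmapping, unsigned int flavor)
{
    return disable_idmapping && flavor < RPC_AUTH_GSS;
}

/* Assumed shape of the fix: allow RPC_AUTH_MARIUX by name, not by order. */
static bool numeric_ids_patched(bool disable_idmapping, unsigned int flavor)
{
    return disable_idmapping &&
           (flavor < RPC_AUTH_GSS || flavor == RPC_AUTH_MARIUX);
}

/* Count the flavors whose outcome differs between the two predicates. */
static int count_changed(bool disable_idmapping, bool verbose)
{
    static const struct { const char *name; unsigned int flavor; } tbl[] = {
        { "AUTH_NULL", RPC_AUTH_NULL },     { "AUTH_UNIX", RPC_AUTH_UNIX },
        { "AUTH_SHORT", RPC_AUTH_SHORT },   { "AUTH_DES", RPC_AUTH_DES },
        { "AUTH_KRB", RPC_AUTH_KRB },       { "AUTH_GSS", RPC_AUTH_GSS },
        { "AUTH_TLS", RPC_AUTH_TLS },       { "AUTH_MARIUX", RPC_AUTH_MARIUX },
        { "AUTH_GSS_KRB5", RPC_AUTH_GSS_KRB5 },
    };
    int changed = 0;

    for (size_t i = 0; i < sizeof(tbl) / sizeof(tbl[0]); i++) {
        bool before = numeric_ids_original(disable_idmapping, tbl[i].flavor);
        bool after = numeric_ids_patched(disable_idmapping, tbl[i].flavor);
        if (verbose)
            printf("%-14s %6u  original=%d patched=%d\n",
                   tbl[i].name, tbl[i].flavor, before, after);
        changed += (before != after);
    }
    return changed;
}

int main(void) { return count_changed(true, true) == 1 ? 0 : 1; }
```
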