loads user and group information into the kernel for NFSv4.
For Kerberized NFSv4 mounts, it must be running on both client(s) and
server for correct operation.
For non-Kerberized NFSv4 mounts, this daemon must be running unless all
client(s) plus the server are configured to put uid/gid numbers in the
owner and owner_group strings.
It also provides support for manage-gids and must be running on the server if
this is being used for any version of NFS.
Upon startup, it loads the machines DNS domain name, plus timeout and
cache size limit into the kernel. It then preloads the cache with group
and user information, up to the cache size limit and forks off N children
(default 4), that service requests from the kernel for cache misses. The
master server is there for the sole purpose of killing off the slaves.
To stop the nfsuserd, send a SIGUSR1 to the master server.
The following options are available:
| -domain domain_name
This option allows you to override the default DNS domain name, which
is acquired by taking either the suffix on the machine's hostname or,
if that name is not a fully qualified host name, the canonical name as
| -usertimeout minutes
Overrides the default timeout for cache entries, in minutes.
The longer the
time out, the better the performance, but the longer it takes for replaced
entries to be seen. If your user/group database management system almost
never re-uses the same names or id numbers, a large timeout is recommended.
The default is 1 minute.
| -usermax max_cache_size
Overrides the default upper bound on the cache size. The larger the cache,
the more kernel memory is used, but the better the performance. If your
system can afford the memory use, make this the sum of the number of
entries in your group and password databases.
The default is 200 entries.
When set, the server logs a bunch of information to syslog.
This flag option must be set to restart the daemon after it has gone away
abnormally and refuses to start, because it thinks nfsuserd is already
This flag enables manage-gids for the NFS server
When this is enabled, all NFS requests using
AUTH_SYS authentication take the uid from the RPC request
and uses the group list for that uid provided by
on the server instead of the list of groups provided in the RPC authenticator.
This can be used to avoid the 16 group limit for AUTH_SYS.
Specifies how many servers to create (max 20).
The default of 4 may be sufficient. You should run enough servers, so that
shows almost no running time for one or two of the slaves after the system
has been running for a long period. Running too few will have a major
performance impact, whereas running too many will only tie up some resources,
such as a process table entry and swap space.