diff --git a/0016-libnfsidmap-try-to-get-the-domain-directly-from-host.patch b/0016-libnfsidmap-try-to-get-the-domain-directly-from-host.patch
new file mode 100644
index 0000000000000000000000000000000000000000..3fa3403a950478c25f04d7c21c67d75a53ba41de
--- /dev/null
+++ b/0016-libnfsidmap-try-to-get-the-domain-directly-from-host.patch
@@ -0,0 +1,54 @@
+From 90a23f7c6343bcb1b69c93ceccc14cc06e14d958 Mon Sep 17 00:00:00 2001
+From: Aram Akhavan <github@aram.nubmail.ca>
+Date: Sat, 15 Jul 2023 13:21:04 -0400
+Subject: [PATCH] libnfsidmap: try to get the domain directly from hostname if
+ the DNS lookup fails and always show the log message if the domain can't be
+ determined
+
+In nfs4_init_name_mapping(), if no domain is specified in the config file, the hostname will be looked up in DNS, and the domain extracted from that.
+If DNS resolution isn't up at this time (i.e. on idmapd startup), the hardcoded domain in IDMAPD_DEFAULT_DOMAIN is used. This will break id mapping
+for anyone who doesn't happen to use "localdomain". Previously, the log message indicating this has happened requires -v to be passed, so the
+"failure" was silent by default.
+
+Signed-off-by: Aram Akhavan <github@aram.nubmail.ca>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ support/nfsidmap/libnfsidmap.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/support/nfsidmap/libnfsidmap.c b/support/nfsidmap/libnfsidmap.c
+index 0a912e52..f8c36480 100644
+--- a/support/nfsidmap/libnfsidmap.c
++++ b/support/nfsidmap/libnfsidmap.c
+@@ -219,10 +219,15 @@ static int domain_from_dns(char **domain)
+ 
+ 	if (gethostname(hname, sizeof(hname)) == -1)
+ 		return -1;
+-	if ((he = gethostbyname(hname)) == NULL)
+-		return -1;
+-	if ((c = strchr(he->h_name, '.')) == NULL || *++c == '\0')
+-		return -1;
++	if ((he = gethostbyname(hname)) == NULL) {
++		IDMAP_LOG(1, ("libnfsidmap: DNS lookup of hostname failed. Attempting to use domain from hostname as is."));
++		if ((c = strchr(hname, '.')) == NULL || *++c == '\0')
++			return -1;
++	}
++	else {
++		if ((c = strchr(he->h_name, '.')) == NULL || *++c == '\0')
++			return -1;
++	}
+ 	/* 
+ 	 * Query DNS to see if the _nfsv4idmapdomain TXT record exists
+ 	 * If so use it... 
+@@ -387,7 +392,7 @@ int nfs4_init_name_mapping(char *conffile)
+ 		dflt = 1;
+ 		ret = domain_from_dns(&default_domain);
+ 		if (ret) {
+-			IDMAP_LOG(1, ("libnfsidmap: Unable to determine "
++			IDMAP_LOG(0, ("libnfsidmap: Unable to determine "
+ 				  "the NFSv4 domain; Using '%s' as the NFSv4 domain "
+ 				  "which means UIDs will be mapped to the 'Nobody-User' "
+ 				  "user defined in %s", 
+-- 
+2.39.2 (Apple Git-143)
+
diff --git a/0017-Fixed-a-regression-in-the-junction-code.patch b/0017-Fixed-a-regression-in-the-junction-code.patch
new file mode 100644
index 0000000000000000000000000000000000000000..eed2004a2e8959aec6052f314574c29795f62dba
--- /dev/null
+++ b/0017-Fixed-a-regression-in-the-junction-code.patch
@@ -0,0 +1,31 @@
+From 7916134e5d9b1641effd3b6d964c806a09cfdcee Mon Sep 17 00:00:00 2001
+From: Steve Dickson <steved@redhat.com>
+Date: Thu, 10 Aug 2023 11:57:39 -0400
+Subject: [PATCH] Fixed a regression in the junction code
+
+commit cdbef4e9 created a regression in the
+in the junction code by adding a O_PATH flag
+to the open() in junction_open_path()
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2213669
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ support/junction/junction.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/support/junction/junction.c b/support/junction/junction.c
+index 0628bb0f..c1ec8ff8 100644
+--- a/support/junction/junction.c
++++ b/support/junction/junction.c
+@@ -63,7 +63,7 @@ junction_open_path(const char *pathname, int *fd)
+ 	if (pathname == NULL || fd == NULL)
+ 		return FEDFS_ERR_INVAL;
+ 
+-	tmp = open(pathname, O_PATH|O_DIRECTORY);
++	tmp = open(pathname, O_DIRECTORY);
+ 	if (tmp == -1) {
+ 		switch (errno) {
+ 		case EPERM:
+-- 
+2.39.2 (Apple Git-143)
+
diff --git a/nfs-utils.spec b/nfs-utils.spec
index e8292279e3e8145b0428e5fc32dae1787320e24b..9bb40e3d8ee5d73acd8b6c760213a9860ea30f37 100644
--- a/nfs-utils.spec
+++ b/nfs-utils.spec
@@ -4,7 +4,7 @@
 
 Name:    nfs-utils
 Version: 2.5.4
-Release: 13
+Release: 14
 Epoch:   2
 Summary: The Linux NFS userland utility package
 License: MIT and GPLv2 and GPLv2+ and BSD
@@ -28,6 +28,8 @@ Patch12: 0012-rpcdebug-avoid-buffer-underflow-if-read-returns-0.patch
 Patch13: 0013-export-Fix-rootdir-corner-case-in-next_mnt.patch
 Patch14: 0014-Move-version.h-into-a-common-include-directory.patch
 Patch15: 0015-mountd-only-do-NFSv4-logging-on-supported-kernels.patch
+Patch16: 0016-libnfsidmap-try-to-get-the-domain-directly-from-host.patch
+Patch17: 0017-Fixed-a-regression-in-the-junction-code.patch
 
 BuildRequires: libevent-devel,libcap-devel, libtirpc-devel libblkid-devel
 BuildRequires: krb5-libs >= 1.4 autoconf >= 2.57 openldap-devel >= 2.2
@@ -296,6 +298,9 @@ fi
 %{_mandir}/*/*
 
 %changelog
+* Tue Sep 12 2023 wuguanghao <wuguanghao3@huawei.com> - 2:2.5.4-14
+- backport bugfix patches from community
+
 * Tue Aug 29 2023 Zhiqiang Liu <liuzhiqiang26@huawei.com> - 2:2.5.4-13
 - backport two bugfix patches