Penguin
Recent Changes
Annotated edit history of rpc.nfsd(8) version 1, including all changes. View license author blame.
Rev Author # Line
1 perry 1 NFSD
2 !!!NFSD
3 NAME
4 SYNOPSIS
5 DESCRIPTION
6 OPTIONS
7 SIGNALS
8 BUGS
9 SEE ALSO
10 AUTHORS
11 ----
12 !!NAME
13
14
15 nfsd - NFS service daemon
16 !!SYNOPSIS
17
18
19 __/usr/sbin/rpc.nfsd [[ -f exports-file ] [[ -d facility ] [[
20 -P port ] [[ -R dirname ] [[ -Fhlnprstv ] [[ --debug facility ]
21 [[ --exports-file=file ] [[ --foreground ] [[ --help ] [[
22 --allow-non-root ] [[ --re-export ] [[ --public-root dirname ]
23 [[ --no-spoof-trace ] [[ --port port ] [[ --log-transfers ] [[
24 --version ] [[ numservers ]__
25 !!DESCRIPTION
26
27
28 The ''nfsd'' program is an NFS service daemon that
29 handles client filesystem requests. Unlike on some other
30 systems, ''nfsd'' operates as a normal user-level
31 process. The server also differs from other NFS server
32 implementations in that it mounts an entire file hierarchy
33 not limited by the boundaries of physical file-systems. The
34 implementation allows the clients read-only or read-write
35 access to the file hierarchy of the server
36 machine.
37
38
39 The ''mountd'' program starts an ancillary user-level
40 mount daemon.
41
42
43 __Running from inetd__
44
45
46 Usually, ''nfsd'' will be started at system boot time.
47 However, you may also invoke it from ''inetd'' by adding
48 the following two lines to
49 ''/etc/inetd.conf'':
50
51
52 nfs/2 dgram rpc/udp wait root /usr/sbin/rpc.nfsd rpc.nfsd
53 nfs/2 stream rpc/tcp wait root /usr/sbin/rpc.nfsd rpc.nfsd
54 When run from ''inetd'', will terminate after a certain period of inactivity.
55 !!OPTIONS
56
57
58 __-f__ or __--exports-file__
59
60
61 This option specifies the exports file, listing the clients
62 that this server is prepared to serve and parameters to
63 apply to each such mount (see exports(5)). By default
64 exports are read from ''/etc/exports''.
65
66
67 __-d facility__ or __--debug facility__
68
69
70 Log operations verbosely. Legal values for ''facility''
71 are currently ''call'' for the logging of RPC calls and
72 arguments, ''fhcache'' for the file handle cache
73 operation, ''auth'' for the authentication routines, and
74 ''ugid'' for the uid mapping code, if used. Debug
75 messages will be logged to syslog(8) unless the
76 daemon runs in the foreground.
77
78
79 __-F__ or __--foreground__
80
81
82 Unlike in normal operation, ''nfsd'' will not detach from
83 the terminal when given this option. When debugging is
84 requested, it will be sent to standard error.
85
86
87 __-h__ or __--help__
88
89
90 Provide a short help summary.
91
92
93 __-l__ or __--log-transfers__
94
95
96 Tries to catch all files retrieved from and written the NFS
97 server. This is mainly for the benefit of anonymous NFS
98 exports and is intended to mimick the __xferlog__ file
99 supported by some FTP daemons. For each file store or
100 retrieve, a single line is written to the system log daemon
101 containing the client's IP address, and the file name. The
102 log level of these transfer records is
103 __daemon.info__.
104
105
106 __-n__ or __--allow-non-root__
107
108
109 Allow incoming NFS requests to be honored even if they do
110 not originate from reserved IP ports. Some older NFS client
111 implementations require this. Some newer NFS client
112 implementations don't believe in reserved port checking.
113 This check can be turned off for individual hosts by
114 specifying the ''insecure'' export option in
115 ''/etc/exports''.
116
117
118 __-P portnum__ or __--port portnum__
119
120
121 Makes ''nfsd'' listen on port __portnum__ instead of
122 the default port 2049. By default, ''nfsd'' will listen
123 on the nfs/udp port specified in ''/etc/services'', or,
124 if that is undefined, on port 2049.
125
126
127 __-p__ or __--promiscuous__
128
129
130 Put the server into promiscuous mode where it will serve any
131 host on the network.
132
133
134 __-r__ or __--re-export__
135
136
137 Allow remotely mounted file-systems to be exported. This can
138 be used to turn a machine into a multiplier for NFS or
139 Novell servers. Caution should be used when re-exporting
140 loopback NFS mounts because re-entering the mount point will
141 result in deadlock between the NFS client and the NFS
142 server.
143
144
145 It should be noted that (on Linux) ''nfsd'' looks at the
146 major device number of the file system to find out whether
147 it is a remote volume; if the major number is not 0, it
148 assumes the file system is local. However, not only remote
149 file systems use major number 0, also procfs does. If you
150 choose to re-export NFS file systems, beware that this
151 potentially includes ''/proc'' if you have the file
152 system root exported. This poses a security problem, and you
153 should avoid this situation if possible.
154
155
156 __-t__ or __--no-spoof-trace__
157
158
159 By default, ''nfsd'' logs every access by unauthorized
160 clients. This option turns off logging of such spoof
161 attempts for all hosts listed explicitly in the
162 ''exports'' file.
163
164
165 __-R__ or __--public-root__
166
167
168 Specifies the directory associated with the public file
169 handle. See the section on WebNFS below.
170
171
172 __-v__ or __--version__
173
174
175 Report the current version number of the
176 program.
177
178
179 __numcopies__
180
181
182 This is an experimental feature that lets you run several
183 instances of ''nfsd'' in parallel. When given a value of
184 __numcopies__ greater than one, ''nfsd'' will fork as
185 many times as specified by this value. However, the servers
186 do not share a common file handle cache, which makes certain
187 file operations impossible.
188
189
190 For this reason, ''nfsd'' will disallow all write
191 operations when invoked with this option. Although this is
192 very limiting, this feature may still prove useful for
193 exporting public FTP areas or Usenet News
194 spools.
195
196
197 __WebNFS Support__
198
199
200 WebNFS is an extension to the normal NFS protocol developed
201 by Sun that is particularly well-suited for file retrieval
202 over the Internet, and is intended to be used (among others)
203 from Web browsers.
204
205
206 Central to the concept is the so-called public file handle.
207 This is a special NFS file handle used by the NFS client
208 (i.e. browser) to retrieve a file without having to go
209 through the mount protocol. This file handle must be
210 associated with a directory on the server machine, relative
211 to which it evaluates filenames. This is the ''public root
212 directory'', which can be specified using the
213 __--public-root__ option. A Web server, for instance,
214 would probably use the root of its Web server as the public
215 root (e.g. __/home/httpd__). A Web broser requesting the
216 URL __nfs://foo.bar.edu/zappa.html__ would then be given
217 the file __/home/httpd/zappa.html__. For ease of
218 maintenance, the public root directory can also be specified
219 using a special entry in the ''exports'' file (see
220 exports(5) for details).
221
222
223 Naming a public root does ''not'' automatically export
224 it; you still must explicitly do that in __/etc/exports__
225 in order to actually make the directory accessible. A useful
226 set of options to export data to WebNFS clients is
227 __ro,all_squash,insecure__. Please refer to
228 exports(5) for a detailed explanation of these
229 flags.
230
231
232 Also note that a WebNFS client can also access files not
233 located below the public root directory as long as they are
234 exported to him. In particular, if you have __/home/ftp__
235 exported to the world in addition to the Web server's home
236 directory, a web client may be able to access FTP files via
237 __nfs://foo.bar.edu/../ftp/README__. Of course, this does
238 not apply to files that are not exported to the
239 client.
240 !!SIGNALS
241
242
243 ''nfsd'' recognizes the following signals:
244
245
246 ''SIGHUP''
247
248
249 causes ''nfsd'' to re-read the export file and flush the
250 file handle cache. If a public root was specified, this will
251 also regenerate the file handle associated with the public
252 directory name (useful when exporting a removable file
253 system).
254
255
256 ''SIGUSR1''
257
258
259 When ''nfsd'' was invoked with debugging options, sending
260 this signal toggles generation of debug
261 information.
262
263
264 ''SIGIOT''
265
266
267 When compiled with with the -DCALL_PROFILING option, sending
268 a SIGIOT to ''nfsd'' will cause dump the average
269 execution times per NFS operation into
270 ''/tmp/nfsd.profile''.
271 !!BUGS
272
273
274 ''nfsd'' does not support the retrieval of
275 __index.html__ files when asked to look up a directory
276 file name. This is not an RFC requirement, so it's rather a
277 feature absent than a true bug.
278
279
280 The __--log-transfers__ option is not always accurate
281 since there is no equivalent to the UNIX file system
282 __open()__ and __close()__ calls in the NFS protocol.
283 Instead, ''nfsd'' writes out a transfer record whenever
284 it encounters a READ or WRITE request at offset
285 zero.
286 !!SEE ALSO
287
288
289 exports(5), mountd(8), ugidd(8C)
290 !!AUTHORS
291
292
293 Mark Shand wrote the orignal unfsd. Don Becker extended
294 unfsd to support authentication and allow read-write access
295 and called it hnfs. Rick Sladkey added host matching,
296 showmount -e support, mountd authentication, inetd support,
297 and all of the portability and configuration code. Olaf
298 Kirch fixed one or two security holes and other bugs, added
299 the uid mapping and a couple of other things.
300 ----
This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.