View Source: rpc.nfsd(8) - Waikato Linux Users Group

Edit PageHistory Diff Info LikePages
NFSD
!!!NFSD
NAME
SYNOPSIS
DESCRIPTION
OPTIONS
SIGNALS
BUGS
SEE ALSO
AUTHORS
----
!!NAME


nfsd - NFS service daemon
!!SYNOPSIS


__/usr/sbin/rpc.nfsd [[ -f exports-file ] [[ -d facility ] [[
-P port ] [[ -R dirname ] [[ -Fhlnprstv ] [[ --debug facility ]
[[ --exports-file=file ] [[ --foreground ] [[ --help ] [[
--allow-non-root ] [[ --re-export ] [[ --public-root dirname ]
[[ --no-spoof-trace ] [[ --port port ] [[ --log-transfers ] [[
--version ] [[ numservers ]__
!!DESCRIPTION


The ''nfsd'' program is an NFS service daemon that
handles client filesystem requests. Unlike on some other
systems, ''nfsd'' operates as a normal user-level
process. The server also differs from other NFS server
implementations in that it mounts an entire file hierarchy
not limited by the boundaries of physical file-systems. The
implementation allows the clients read-only or read-write
access to the file hierarchy of the server
machine.


The ''mountd'' program starts an ancillary user-level
mount daemon.


__Running from inetd__


Usually, ''nfsd'' will be started at system boot time.
However, you may also invoke it from ''inetd'' by adding
the following two lines to
''/etc/inetd.conf'':


nfs/2 dgram  rpc/udp wait root /usr/sbin/rpc.nfsd rpc.nfsd
nfs/2 stream rpc/tcp wait root /usr/sbin/rpc.nfsd rpc.nfsd
When run from ''inetd'', will terminate after a certain period of inactivity.
!!OPTIONS


__-f__ or __--exports-file__


This option specifies the exports file, listing the clients
that this server is prepared to serve and parameters to
apply to each such mount (see exports(5)). By default
exports are read from ''/etc/exports''.


__-d facility__ or __--debug facility__


Log operations verbosely. Legal values for ''facility''
are currently ''call'' for the logging of RPC calls and
arguments, ''fhcache'' for the file handle cache
operation, ''auth'' for the authentication routines, and
''ugid'' for the uid mapping code, if used. Debug
messages will be logged to syslog(8) unless the
daemon runs in the foreground.


__-F__ or __--foreground__


Unlike in normal operation, ''nfsd'' will not detach from
the terminal when given this option. When debugging is
requested, it will be sent to standard error.


__-h__ or __--help__


Provide a short help summary.


__-l__ or __--log-transfers__


Tries to catch all files retrieved from and written the NFS
server. This is mainly for the benefit of anonymous NFS
exports and is intended to mimick the __xferlog__ file
supported by some FTP daemons. For each file store or
retrieve, a single line is written to the system log daemon
containing the client's IP address, and the file name. The
log level of these transfer records is
__daemon.info__.


__-n__ or __--allow-non-root__


Allow incoming NFS requests to be honored even if they do
not originate from reserved IP ports. Some older NFS client
implementations require this. Some newer NFS client
implementations don't believe in reserved port checking.
This check can be turned off for individual hosts by
specifying the ''insecure'' export option in
''/etc/exports''.


__-P portnum__ or __--port portnum__


Makes ''nfsd'' listen on port __portnum__ instead of
the default port 2049. By default, ''nfsd'' will listen
on the nfs/udp port specified in ''/etc/services'', or,
if that is undefined, on port 2049.


__-p__ or __--promiscuous__


Put the server into promiscuous mode where it will serve any
host on the network.


__-r__ or __--re-export__


Allow remotely mounted file-systems to be exported. This can
be used to turn a machine into a multiplier for NFS or
Novell servers. Caution should be used when re-exporting
loopback NFS mounts because re-entering the mount point will
result in deadlock between the NFS client and the NFS
server.


It should be noted that (on Linux) ''nfsd'' looks at the
major device number of the file system to find out whether
it is a remote volume; if the major number is not 0, it
assumes the file system is local. However, not only remote
file systems use major number 0, also procfs does. If you
choose to re-export NFS file systems, beware that this
potentially includes ''/proc'' if you have the file
system root exported. This poses a security problem, and you
should avoid this situation if possible.


__-t__ or __--no-spoof-trace__


By default, ''nfsd'' logs every access by unauthorized
clients. This option turns off logging of such spoof
attempts for all hosts listed explicitly in the
''exports'' file.


__-R__ or __--public-root__


Specifies the directory associated with the public file
handle. See the section on WebNFS below.


__-v__ or __--version__


Report the current version number of the
program.


__numcopies__


This is an experimental feature that lets you run several
instances of ''nfsd'' in parallel. When given a value of
__numcopies__ greater than one, ''nfsd'' will fork as
many times as specified by this value. However, the servers
do not share a common file handle cache, which makes certain
file operations impossible.


For this reason, ''nfsd'' will disallow all write
operations when invoked with this option. Although this is
very limiting, this feature may still prove useful for
exporting public FTP areas or Usenet News
spools.


__WebNFS Support__


WebNFS is an extension to the normal NFS protocol developed
by Sun that is particularly well-suited for file retrieval
over the Internet, and is intended to be used (among others)
from Web browsers.


Central to the concept is the so-called public file handle.
This is a special NFS file handle used by the NFS client
(i.e. browser) to retrieve a file without having to go
through the mount protocol. This file handle must be
associated with a directory on the server machine, relative
to which it evaluates filenames. This is the ''public root
directory'', which can be specified using the
__--public-root__ option. A Web server, for instance,
would probably use the root of its Web server as the public
root (e.g. __/home/httpd__). A Web broser requesting the
URL __nfs://foo.bar.edu/zappa.html__ would then be given
the file __/home/httpd/zappa.html__. For ease of
maintenance, the public root directory can also be specified
using a special entry in the ''exports'' file (see
exports(5) for details).


Naming a public root does ''not'' automatically export
it; you still must explicitly do that in __/etc/exports__
in order to actually make the directory accessible. A useful
set of options to export data to WebNFS clients is
__ro,all_squash,insecure__. Please refer to
exports(5) for a detailed explanation of these
flags.


Also note that a WebNFS client can also access files not
located below the public root directory as long as they are
exported to him. In particular, if you have __/home/ftp__
exported to the world in addition to the Web server's home
directory, a web client may be able to access FTP files via
__nfs://foo.bar.edu/../ftp/README__. Of course, this does
not apply to files that are not exported to the
client.
!!SIGNALS


''nfsd'' recognizes the following signals:


''SIGHUP''


causes ''nfsd'' to re-read the export file and flush the
file handle cache. If a public root was specified, this will
also regenerate the file handle associated with the public
directory name (useful when exporting a removable file
system).


''SIGUSR1''


When ''nfsd'' was invoked with debugging options, sending
this signal toggles generation of debug
information.


''SIGIOT''


When compiled with with the -DCALL_PROFILING option, sending
a SIGIOT to ''nfsd'' will cause dump the average
execution times per NFS operation into
''/tmp/nfsd.profile''.
!!BUGS


''nfsd'' does not support the retrieval of
__index.html__ files when asked to look up a directory
file name. This is not an RFC requirement, so it's rather a
feature absent than a true bug.


The __--log-transfers__ option is not always accurate
since there is no equivalent to the UNIX file system
__open()__ and __close()__ calls in the NFS protocol.
Instead, ''nfsd'' writes out a transfer record whenever
it encounters a READ or WRITE request at offset
zero.
!!SEE ALSO


exports(5), mountd(8), ugidd(8C)
!!AUTHORS


Mark Shand wrote the orignal unfsd. Don Becker extended
unfsd to support authentication and allow read-write access
and called it hnfs. Rick Sladkey added host matching,
showmount -e support, mountd authentication, inetd support,
and all of the portability and configuration code. Olaf
Kirch fixed one or two security holes and other bugs, added
the uid mapping and a couple of other things.
----
3 pages link to rpc.nfsd(8):
This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.
Last edited on Tuesday, June 4, 2002 12:31:18 am by "perry"
Edit PageHistory Diff Info LikePages