diff options
author | gordon <gordon@FreeBSD.org> | 2002-07-07 22:22:16 +0000 |
---|---|---|
committer | gordon <gordon@FreeBSD.org> | 2002-07-07 22:22:16 +0000 |
commit | ea5e54bfd7c29b7ace1100eba8744fc439829a6e (patch) | |
tree | 144beb82852eaa1f31ef72e28f7b4ad520494d60 /sbin/mountd/exports.5 | |
parent | 6a6fb8b86ab556d4ce74780f4f53e79aedce96bb (diff) | |
download | FreeBSD-src-ea5e54bfd7c29b7ace1100eba8744fc439829a6e.zip FreeBSD-src-ea5e54bfd7c29b7ace1100eba8744fc439829a6e.tar.gz |
Remove nfsd and mountd from src/sbin, look for it in src/usr.sbin
Diffstat (limited to 'sbin/mountd/exports.5')
-rw-r--r-- | sbin/mountd/exports.5 | 323 |
1 files changed, 0 insertions, 323 deletions
diff --git a/sbin/mountd/exports.5 b/sbin/mountd/exports.5 deleted file mode 100644 index 98e1f24..0000000 --- a/sbin/mountd/exports.5 +++ /dev/null @@ -1,323 +0,0 @@ -.\" Copyright (c) 1989, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)exports.5 8.3 (Berkeley) 3/29/95 -.\" $FreeBSD$ -.\" -.Dd March 29, 1995 -.Dt EXPORTS 5 -.Os -.Sh NAME -.Nm exports -.Nd define remote mount points for -.Tn NFS -mount requests -.Sh SYNOPSIS -.Nm -.Sh DESCRIPTION -The -.Nm -file specifies remote mount points for the -.Tn NFS -mount protocol per the -.Tn NFS -server specification; see -.%T "Network File System Protocol Specification" , -RFC1094, Appendix A and -.%T "NFS: Network File System Version 3 Specification" , -Appendix I. -.Pp -Each line in the file -(other than comment lines that begin with a #) -specifies the mount point(s) and export flags within one local server -filesystem for one or more hosts. -A long line may be split over several lines by ending all but the -last line with a backslash -.Pq Ql \e . -A host may be specified only once for each local filesystem on the -server and there may be only one default entry for each server -filesystem that applies to all other hosts. -The latter exports the filesystem to the ``world'' and should -be used only when the filesystem contains public information. -.Pp -In a mount entry, -the first field(s) specify the directory path(s) within a server filesystem -that can be mounted on by the corresponding client(s). -There are two forms of this specification. -The first is to list all mount points as absolute -directory paths separated by whitespace. -The second is to specify the pathname of the root of the filesystem -followed by the -.Fl alldirs -flag; -this form allows the host(s) to mount at any point within the filesystem, -including regular files if the -.Fl r -option is used on -.Xr mountd 8 . -The pathnames must not have any symbolic links in them and should not have -any "." or ".." components. -Mount points for a filesystem may appear on multiple lines each with -different sets of hosts and export options. -.Pp -The second component of a line specifies how the filesystem is to be -exported to the host set. -The option flags specify whether the filesystem -is exported read-only or read-write and how the client uid is mapped to -user credentials on the server. -.Pp -Export options are specified as follows: -.Pp -.Sm off -.Fl maproot No = Sy user -.Sm on -The credential of the specified user is used for remote access by root. -The credential includes all the groups to which the user is a member -on the local machine (see -.Xr id 1 ) . -The user may be specified by name or number. -.Pp -.Sm off -.Fl maproot No = Sy user:group1:group2:... -.Sm on -The colon separated list is used to specify the precise credential -to be used for remote access by root. -The elements of the list may be either names or numbers. -Note that user: should be used to distinguish a credential containing -no groups from a complete credential for that user. -.Pp -.Sm off -.Fl mapall No = Sy user -.Sm on -or -.Sm off -.Fl mapall No = Sy user:group1:group2:... -.Sm on -specifies a mapping for all client uids (including root) -using the same semantics as -.Fl maproot . -.Pp -The option -.Fl r -is a synonym for -.Fl maproot -in an effort to be backward compatible with older export file formats. -.Pp -In the absence of -.Fl maproot -and -.Fl mapall -options, remote accesses by root will result in using a credential of -2:-2. -All other users will be mapped to their remote credential. -If a -.Fl maproot -option is given, -remote access by root will be mapped to that credential instead of -2:-2. -If a -.Fl mapall -option is given, -all users (including root) will be mapped to that credential in -place of their own. -.Pp -The -.Fl kerb -option specifies that the Kerberos authentication server should be -used to authenticate and map client credentials. -This option requires that the kernel be built with the NFSKERB option. -The use of this option will prevent the kernel from compiling -unless calls to the appropriate Kerberos encryption routines -are provided in the NFS source. -.Pp -The -.Fl ro -option specifies that the filesystem should be exported read-only -(default read/write). -The option -.Fl o -is a synonym for -.Fl ro -in an effort to be backward compatible with older export file formats. -.Pp -.Tn WebNFS -exports strictly according to the spec (RFC 2054 and RFC 2055) can -be done with the -.Fl public -flag. -However, this flag in itself allows r/w access to all files in -the filesystem, not requiring reserved ports and not remapping uids. -It -is only provided to conform to the spec, and should normally not be used. -For a -.Tn WebNFS -export, -use the -.Fl webnfs -flag, which implies -.Fl public , -.Sm off -.Fl mapall No = Sy nobody -.Sm on -and -.Fl ro . -.Pp -A -.Sm off -.Fl index No = Sy file -.Sm on -option can be used to specify a file whose handle will be returned if -a directory is looked up using the public filehandle -.Pq Tn WebNFS . -This is to mimic the behavior of URLs. -If no -.Fl index -option is specified, a directory filehandle will be returned as usual. -The -.Fl index -option only makes sense in combination with the -.Fl public -or -.Fl webnfs -flags. -.Pp -The third component of a line specifies the host set to which the line applies. -The set may be specified in three ways. -The first way is to list the host name(s) separated by white space. -(Standard Internet ``dot'' addresses may be used in place of names.) -The second way is to specify a ``netgroup'' as defined in the netgroup file (see -.Xr netgroup 5 ) . -The third way is to specify an Internet subnetwork using a network and -network mask that is defined as the set of all hosts with addresses within -the subnetwork. -This latter approach requires less overhead within the -kernel and is recommended for cases where the export line refers to a -large number of clients within an administrative subnet. -.Pp -The first two cases are specified by simply listing the name(s) separated -by whitespace. -All names are checked to see if they are ``netgroup'' names -first and are assumed to be hostnames otherwise. -Using the full domain specification for a hostname can normally -circumvent the problem of a host that has the same name as a netgroup. -The third case is specified by the flag -.Sm off -.Fl network No = Sy netname -.Sm on -and optionally -.Sm off -.Fl mask No = Sy netmask . -.Sm on -If the mask is not specified, it will default to the mask for that network -class (A, B or C; see -.Xr inet 4 ) . -.Pp -For example: -.Bd -literal -offset indent -/usr /usr/local -maproot=0:10 friends -/usr -maproot=daemon grumpy.cis.uoguelph.ca 131.104.48.16 -/usr -ro -mapall=nobody -/u -maproot=bin: -network 131.104.48 -mask 255.255.255.0 -/u2 -maproot=root friends -/u2 -alldirs -kerb -network cis-net -mask cis-mask -.Ed -.Pp -Given that -.Sy /usr , -.Sy /u -and -.Sy /u2 -are -local filesystem mount points, the above example specifies the following: -.Sy /usr -is exported to hosts -.Em friends -where friends is specified in the netgroup file -with users mapped to their remote credentials and -root mapped to uid 0 and group 10. -It is exported read-write and the hosts in ``friends'' can mount either /usr -or /usr/local. -It is exported to -.Em 131.104.48.16 -and -.Em grumpy.cis.uoguelph.ca -with users mapped to their remote credentials and -root mapped to the user and groups associated with ``daemon''; -it is exported to the rest of the world as read-only with -all users mapped to the user and groups associated with ``nobody''. -.Pp -.Sy /u -is exported to all hosts on the subnetwork -.Em 131.104.48 -with root mapped to the uid for ``bin'' and with no group access. -.Pp -.Sy /u2 -is exported to the hosts in ``friends'' with root mapped to uid and groups -associated with ``root''; -it is exported to all hosts on network ``cis-net'' allowing mounts at any -directory within /u2 and mapping all uids to credentials for the principal -that is authenticated by a Kerberos ticket. -.Pp -The -.Xr mountd 8 -utility can be made to re-read the -.Nm -file by sending it a hangup signal as follows: -.Bd -literal -offset indent -kill -s HUP `cat /var/run/mountd.pid` -.Ed -.Pp -After sending the -.Dv SIGHUP , -check the -.Xr syslogd 8 -output to see whether -.Xr mountd 8 -logged any parsing errors in the -.Nm -file. -.Sh FILES -.Bl -tag -width /etc/exports -compact -.It Pa /etc/exports -the default remote mount-point file -.El -.Sh SEE ALSO -.Xr netgroup 5 , -.Xr mountd 8 , -.Xr nfsd 8 , -.Xr showmount 8 -.Sh BUGS -The export options are tied to the local mount points in the kernel and -must be non-contradictory for any exported subdirectory of the local -server mount point. -It is recommended that all exported directories within the same server -filesystem be specified on adjacent lines going down the tree. -You cannot specify a hostname that is also the name of a netgroup. -Specifying the full domain specification for a hostname can normally -circumvent the problem. |