diff options
Diffstat (limited to 'usr.sbin/nfsd/nfsv4.4')
| -rw-r--r-- | usr.sbin/nfsd/nfsv4.4 | 331 |
1 files changed, 0 insertions, 331 deletions
diff --git a/usr.sbin/nfsd/nfsv4.4 b/usr.sbin/nfsd/nfsv4.4 deleted file mode 100644 index 2230883..0000000 --- a/usr.sbin/nfsd/nfsv4.4 +++ /dev/null @@ -1,331 +0,0 @@ -.\" Copyright (c) 2009 Rick Macklem, University of Guelph -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $FreeBSD$ -.\" -.Dd December 3, 2009 -.Dt NFSV4 4 -.Os -.Sh NAME -.Nm NFSv4 -.Nd NFS Version 4 Protocol -.Sh DESCRIPTION -The experimental NFS client and server provides support for the -.Tn NFSv4 -specification; see -.%T "Network File System (NFS) Version 4 Protocol RFC 3530" . -The protocol is somewhat similar to NFS Version 3, but differs in significant -ways. -It uses a single compound RPC that concatenates operations to-gether. -Each of these operations are similar to the RPCs of NFS Version 3. -The operations in the compound are performed in order, until one of -them fails (returns an error) and then the RPC terminates at that point. -.Pp -It has -integrated locking support, which implies that the server is no longer -stateless. -As such, the -.Nm -server remains in recovery mode for a grace period (always greater than the -lease duration the server uses) after a reboot. -During this grace period, clients may recover state but not perform other -open/lock state changing operations. -To provide for correct recovery semantics, a small file described by -.Xr stablerestart 5 -is used by the server during the recovery phase. -If this file is missing, -the server will not start. -If this file is lost, it should be recovered from backups, since creating -an empty -.Xr stablerestart 5 -file will result in the server starting without providing a grace period -for recovery. -Note that recovery only occurs when the server -machine is rebooted, not when the -.Xr nfsd 8 -are just restarted. -.Pp -It provides several optional features not present in NFS Version 3: -.sp -.Bd -literal -offset indent -compact -- NFS Version 4 ACLs -- Referrals, which redirect subtrees to other servers - (not yet implemented) -- Delegations, which allow a client to operate on a file locally -.Ed -.Pp -The -.Nm -protocol does not use a separate mount protocol and assumes that the -server provides a single file system tree structure, rooted at the point -in the local file system tree specified by one or more -.sp 1 -.Bd -literal -offset indent -compact -V4: <rootdir> [-sec=secflavors] [host(s) or net] -.Ed -.sp 1 -line(s) in the -.Xr exports 5 -file. -(See -.Xr exports 5 -for details.) -The -.Xr nfsd 8 -allows a limited subset of operations to be performed on non-exported subtrees -of the local file system, so that traversal of the tree to the exported -subtrees is possible. -As such, the ``<rootdir>'' can be in a non-exported file system. -However, -the entire tree that is rooted at that point must be in local file systems -that are of types that can be NFS exported. -Since the -.Nm -file system is rooted at ``<rootdir>'', setting this to anything other -than ``/'' will result in clients being required to use different mount -paths for -.Nm -than for NFS Version 2 or 3. -Unlike NFS Version 2 and 3, Version 4 allows a client mount to span across -multiple server file systems, although not all clients are capable of doing -this. -.Pp -.Nm -uses names for users and groups instead of numbers. -On the wire, they -take the form: -.sp -.Bd -literal -offset indent -compact -<user>@<dns.domain> -.Ed -.sp -where ``<dns.domain>'' is not the same as the DNS domain used -for host name lookups, but is usually set to the same string. -Most systems set this ``<dns.domain>'' -to the domain name part of the machine's -.Xr hostname 1 -by default. -However, this can normally be overridden by a command line -option or configuration file for the daemon used to do the name<->number -mapping. -Under FreeBSD, the mapping daemon is called -.Xr nfsuserd 8 -and has a command line option that overrides the domain component of the -machine's hostname. -For use of -.Nm , -either client or server, this daemon must be running. -If this ``<dns.domain>'' is not set correctly or the daemon is not running, ``ls -l'' will typically -report a lot of ``nobody'' and ``nogroup'' ownerships. -.Pp -Although uid/gid numbers are no longer used in the -.Nm -protocol, they will still be in the RPC authentication fields when -using AUTH_SYS (sec=sys), which is the default. -As such, in this case both the user/group name and number spaces must -be consistent between the client and server. -.Pp -However, if you run -.Nm -with RPCSEC_GSS (sec=krb5, krb5i, krb5p), only names and KerberosV tickets -will go on the wire. -.Sh SERVER SETUP -.Pp -To set up the experimental NFS server that supports -.Nm , -you will need to either build a kernel with: -.sp -.Bd -literal -offset indent -compact -options NFSD -.Ed -and not -.Bd -literal -offset indent -compact -options NFSSERVER -.Ed -.sp -or start -.Xr mountd 8 -and -.Xr nfsd 8 -with the ``-e'' option to force use of the experimental server. -The -.Xr nfsuserd 8 -daemon must also be running. -This will occur if -.sp -.Bd -literal -offset indent -compact -nfs_server_enable="YES" -nfsv4_server_enable="YES" -nfsuserd_enable="YES" -.Ed -.sp -are set in -.Xr rc.conf 5 . -.Pp -You will also need to add at least one ``V4:'' line to the -.Xr exports 5 -file and, before starting the server for the first time, create an empty -.sp -.Bd -literal -offset indent -compact -/var/db/nfs-stablerestart -.Ed -.sp -file. -The command -.sp -.Bd -literal -offset indent -compact -install -o root -g wheel -m 600 /dev/null /var/db/nfs-stablerestart -.Ed -.sp -executed as ``su'' should suffice. -This can only be done when the server is not running and there are no -.Nm -file system mounts against the server. -If this file is lost during a crash, recovery from backups is -recommended. -.Pp -If the file systems you are exporting are only being accessed via -.Nm -there are a couple of -.Xr sysctl 8 -variables that you can change, which might improve performance. -.Bl -tag -width Ds -.It Cm vfs.newnfs.issue_delegations -when set non-zero, allows the server to issue Open Delegations to -clients. -These delegations permit the client to manipulate the file -locally on the client. -Unfortunately, at this time, client use of -delegations is limited, so performance gains may not be observed. -This can only be enabled when the file systems being exported to -.Nm -clients are not being accessed locally on the server and, if being -accessed via NFS Version 2 or 3 clients, these clients cannot be -using the NLM. -.It Cm vfs.newnfs.enable_locallocks -can be set to 0 to disable acquisition of local byte range locks. -Disabling local locking can only be done if neither local accesses -to the exported file systems nor the NLM is operating on them. -.El -.sp -Note that Samba server access would be considered ``local access'' for the above -discussion. -.Pp -To build a kernel with the experimental -.Nm -linked into it, the -.sp -.Bd -literal -offset indent -compact -options NFSD -.Ed -.sp -must be specified in the kernel's -.Xr config 5 -file. -.Sh CLIENT MOUNTS -.Pp -To do an -.Nm -mount, specify the ``nfsv4'' option on the -.Xr mount_nfs 8 -command line. -This will force use of the experimental client plus set ``tcp'' and -.Nm . -.Pp -The -.Xr nfsuserd 8 -must be running, as above. -If the -.Nm -server that is being mounted on supports delegations, you can start the -.Xr nfscbd 8 -daemon to handle client side callbacks. -This will occur if -.sp -.Bd -literal -offset indent -compact -nfsuserd_enable="YES" -nfscbd_enable="YES" -.Ed -.sp -are set in -.Xr rc.conf 5 . -.sp -Without a functioning callback path, a server will never issue Delegations -to a client. -.sp -By default, the callback address will be set to the IP address acquired via -rtalloc() in the kernel and port# 7745. -To override the default port#, a command line option for -.Xr nfscbd 8 -can be used. -.sp -To get callbacks to work when behind a NAT gateway, a port for the callback -service will need to be set up on the NAT gateway and then the address -of the NAT gateway (host IP plus port#) will need to be set by assigning the -.Xr sysctl 8 -variable vfs.newnfs.callback_addr to a string of the form: -.sp -N.N.N.N.N.N -.sp -where the first 4 Ns are the host IP address and the last two are the -port# in network byte order (all decimal #s in the range 0-255). -.Pp -To build a kernel with the experimental -.Nm -client linked into it, the option -.sp -.Bd -literal -offset indent -compact -options NFSCL -.Ed -.sp -must be specified in the kernel's -.Xr config 5 -file. -.Pp -Options can be specified for the -.Xr nfsuserd 8 -and -.Xr nfscbd 8 -daemons at boot time via the ``nfsuserd_flags'' and ``nfscbd_flags'' -.Xr rc.conf 5 -variables. -.Sh FILES -.Bl -tag -width /var/db/nfs-stablerestart -compact -.It Pa /var/db/nfs-stablerestart -NFS V4 stable restart file -.El -.Sh SEE ALSO -.Xr stablerestart 5 , -.Xr mountd 8 , -.Xr nfscbd 8 , -.Xr nfsd 8 , -.Xr nfsdumpstate 8 , -.Xr nfsrevoke 8 , -.Xr nfsuserd 8 , -.Sh BUGS -At this time, there is no recall of delegations for local file system -operations. -As such, delegations should only be enabled for file systems -that are being used solely as NFS export volumes and are not being accessed -via local system calls nor services such as Samba. |
