14
program implements the NFS mount protocol. When receiving a MOUNT
15
request from an NFS client, it checks the request against the list of
16
currently exported file systems. If the client is permitted to mount
14
daemon implements the server side of the NFS MOUNT protocol,
15
an NFS side protocol used by NFS version 2 [RFC1094] and NFS version 3 [RFC1813].
17
An NFS server maintains a table of local physical file systems
18
that are accessible to NFS clients.
19
Each file system in this table is referred to as an
20
.IR "exported file system" ,
25
Each file system in the export table has an access control list.
19
obtains a file handle for requested directory and returns it to
21
.SS Exporting NFS File Systems
22
Making file systems available to NFS clients is called
25
Usually, a file system and the hosts it should be made available to
30
whenever the system is booted. The
27
uses these access control lists to determine
28
whether an NFS client is permitted to access a given file system.
29
For details on how to manage your NFS server's export table, see the
32
command makes export information available to both the kernel NFS
37
Alternatively, you can export individual directories temporarily
34
.SS Mounting exported NFS File Systems
35
The NFS MOUNT protocol has several procedures.
36
The most important of these are
37
MNT (mount an export) and
38
UMNT (unmount an export).
40
A MNT request has two arguments: an explicit argument that
41
contains the pathname of the root directory of the export to be mounted,
42
and an implicit argument that is the sender's IP address.
44
When receiving a MNT request from an NFS client,
46
checks both the pathname and the sender's IP address against its export table.
47
If the sender is permitted to access the requested export,
49
returns an NFS file handle for the export's root directory to the client.
50
The client can then use the root file handle and NFS LOOKUP requests
51
to navigate the directory structure of the export.
43
For every mount request received from an NFS client,
47
file. When receiving an unmount request, that entry is removed.
49
However, this file is mostly ornamental. One, the client can continue
50
to use the file handle even after calling
52
UMOUNT procedure. And two, if a client reboots without notifying
54
a stale entry will remain in
55
daemon registers every successful MNT request by adding an entry to the
58
When receivng a UMNT request from an NFS client,
60
simply removes the matching entry from
61
.IR /var/lib/nfs/rmtab ,
62
as long as the access control list for that export allows that sender
65
Clients can discover the list of file systems an NFS server is
66
currently exporting, or the list of other clients that have mounted
67
its exports, by using the
71
uses other procedures in the NFS MOUNT protocol to report information
72
about the server's exported file systems.
74
Note, however, that there is little to guarantee that the contents of
77
A client may continue accessing an export even after invoking UMNT.
78
If the client reboots without sending a UMNT request, stale entries
79
remain for that client in
80
.IR /var/lib/nfs/rmtab .
58
83
.B \-d kind " or " \-\-debug kind
82
107
do not offer certain versions of NFS. The current version of
84
can support both NFS version 2 and the newer version 3. If the
85
NFS kernel module was compiled without support for NFSv3,
109
can support both NFS version 2, 3 and 4. If the
110
either one of these version should not be offered,
87
112
must be invoked with the option
88
.B "\-\-no-nfs-version 3" .
113
.B "\-\-no-nfs-version <vers>" .
90
115
.B \-n " or " \-\-no-tcp
91
116
Don't advertise TCP for mount.
94
119
Ignored (compatibility with unfsd??).
96
121
.B \-p " or " \-\-port num
122
Specifies the port number used for RPC listener sockets.
123
If this option is not specified,
99
to bind to the specified port num, instead of using the random port
100
number assigned by the portmapper.
125
chooses a random ephemeral port for each listener socket.
127
This option can be used to fix the port value of
129
listeners when NFS MOUNT requests must traverse a firewall
130
between clients and servers.
102
132
.B \-H " or " \-\-ha-callout prog
103
Specify a high availability callout program, which will receive callouts
104
for all client mount and unmount requests. This allows
133
Specify a high availability callout program.
134
This program receives callouts for all MOUNT and UNMOUNT requests.
106
to be used in a High Availability NFS (HA-NFS) environment. This callout is not
107
needed (and should not be used) with 2.6 and later kernels (instead,
108
mount the nfsd filesystem on
111
The program will be called with 4 arguments.
137
to be used in a High Availability NFS (HA-NFS) environment.
139
The callout program is run with 4 arguments.
118
146
The third will be the path that the client is mounting.
119
147
The last is the number of concurrent mounts that we believe the client
120
148
has of that path.
150
This callout is not needed with 2.6 and later kernels.
151
Instead, mount the nfsd filesystem on
122
154
.BI "\-s," "" " \-\-state\-directory\-path " directory
123
specify a directory in which to place statd state information.
155
Specify a directory in which to place statd state information.
124
156
If this option is not specified the default of
128
160
.BI "\-r," "" " \-\-reverse\-lookup"
129
mountd tracks IP addresses in the rmtab, and when a DUMP request is made (by
130
someone running showmount -a, for instance), it returns IP addresses instead
131
of hostnames by default. This option causes mountd to do a reverse
132
lookup on each IP address and return that hostname instead. Enabling this can
133
have a substantial negative effect on performance in some situations.
162
tracks IP addresses in the
164
file. When a DUMP request is made (by
167
for instance), it returns IP addresses instead
168
of hostnames by default. This option causes
170
to perform a reverse lookup on each IP address and return that hostname instead.
171
Enabling this can have a substantial negative effect on performance
135
174
.BR "\-t N" " or " "\-\-num\-threads=N"
136
175
This option specifies the number of worker threads that rpc.mountd
162
201
flag, then the list of group ids received from the client will be
163
202
replaced by a list of group ids determined by an appropriate lookup on
164
203
the server. Note that the 'primary' group id is not affected so a
166
205
command on the client will still be effective. This function requires
167
206
a Linux Kernel with version at least 2.6.21.
169
207
.SH TCP_WRAPPERS SUPPORT
172
version is protected by the
174
library. You have to give the clients access to
176
if they should be allowed to use it. To allow connects from clients of
177
the .bar.com domain you could use the following line in /etc/hosts.allow:
181
You have to use the daemon name
217
library supports only IPv4 networking.
219
Add the hostnames of NFS peers that are allowed to access
222
.IR /etc/hosts.allow .
183
for the daemon name (even if the binary has a different name).
185
hostnames used in either access file will be ignored when
227
binary has a different name.
229
Hostnames used in either access file will be ignored when
186
230
they can not be resolved into IP addresses.
188
For further information please have a look at the
231
For further information see the
191
234
.BR hosts_access (5)
236
.SS IPv6 and TI-RPC support
237
TI-RPC is a pre-requisite for supporting NFS on IPv6.
238
If TI-RPC support is built into
240
it attempts to start listeners on network transports marked 'visible' in
242
As long as at least one network transport listener starts successfully,
250
listing exports, export options, and access control lists
252
.I /var/lib/nfs/rmtab
253
table of clients accessing server's exports
195
255
.BR exportfs (8),
200
.BR /var/lib/nfs/xtab .
262
.BR hosts_access (5),
266
RFC 1094 - "NFS: Network File System Protocol Specification"
268
RFC 1813 - "NFS Version 3 Protocol Specification"
202
270
Olaf Kirch, H. J. Lu, G. Allan Morris III, and a host of others.