OpenSuSE Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
x SuSE Linux 13.1-RELEASE x
x SuSE Linux 13.1-RELEASEx
rpc.mountd(8)               System Manager's Manual              rpc.mountd(8)

NAME
       rpc.mountd - NFS mount daemon

SYNOPSIS
       /usr/sbin/rpc.mountd [options]

DESCRIPTION
       The  rpc.mountd daemon implements the server side of the NFS MOUNT pro-
       tocol, an NFS side protocol used by NFS version  2  [RFC1094]  and  NFS
       version  3 [RFC1813].  It also responds to requests from the Linux ker-
       nel to authenticate clients and provides details of access permissions.

       The NFS server (nfsd) maintains a cache of  authentication  and  autho-
       rization  information  which is used to identify the source of each re-
       quest, and then what access permissions that source has  to  any  local
       filesystem.   When  required information is not found in the cache, the
       server sends a request to mountd to fill in  the  missing  information.
       Mountd  uses  a  table  of  information stored in /var/lib/nfs/etab and
       maintained by exportfs(8),  possibly  based  on  the  contents  of  ex-
       ports(5), to respond to each request.

   Mounting exported NFS File Systems
       The  NFS  MOUNT protocol has several procedures.  The most important of
       these are MNT (mount an export) and UMNT (unmount an export).

       A MNT request has two arguments: an explicit argument that contains the
       pathname  of the root directory of the export to be mounted, and an im-
       plicit argument that is the sender's IP address.

       When receiving a MNT request from an NFS client, rpc.mountd checks both
       the  pathname and the sender's IP address against its export table.  If
       the sender is permitted to access the requested export, rpc.mountd  re-
       turns an NFS file handle for the export's root directory to the client.
       The client can then use the root file handle and NFS LOOKUP requests to
       navigate the directory structure of the export.

   The rmtab File
       The  rpc.mountd daemon registers every successful MNT request by adding
       an entry to the /var/lib/nfs/rmtab file.  When receivng a UMNT  request
       from  an  NFS client, rpc.mountd simply removes the matching entry from
       /var/lib/nfs/rmtab, as long as the access control list for that  export
       allows that sender to access the export.

       Clients  can  discover  the  list of file systems an NFS server is cur-
       rently exporting, or the list of other clients that  have  mounted  its
       exports,  by  using  the showmount(8) command.  showmount(8) uses other
       procedures in the NFS MOUNT protocol to report  information  about  the
       server's exported file systems.

       Note,  however,  that there is little to guarantee that the contents of
       /var/lib/nfs/rmtab are accurate.  A client may  continue  accessing  an
       export even after invoking UMNT.  If the client reboots without sending
       a  UMNT  request,   stale   entries   remain   for   that   client   in
       /var/lib/nfs/rmtab.

   Mounting File Systems with NFSv4
       Version  4  (and later) of NFS does not use a separate NFS MOUNT proto-
       col.  Instead mounting is performed using regular NFS requests  handled
       by   the   NFS   server  in  the  Linux  kernel  (nfsd).   Consequently
       /var/lib/nfs/rmtab is not updated to reflect any NFSv4 activity.

OPTIONS
       -d kind  or  --debug kind
              Turn on debugging. Valid kinds are: all, auth, call, general and
              parse.

       -l or --log-auth
              Enable  logging  of  responses  to authentication and access re-
              quests from nfsd.  Each response is then cached  by  the  kernel
              for 30 minutes (or as set by --ttl below), and will be refreshed
              after 15 minutes (half the ttl time) if the relevant client  re-
              mains  active.  Note that -l is equivalent to -d auth and so can
              be enabled in /etc/nfs.conf with "debug = auth" in the  [mountd]
              section.

              rpc.mountd will always log authentication responses to MOUNT re-
              quests when NFSv3 is used, but to get similar  logs  for  NFSv4,
              this option is required.

       -i or --cache-use-ipaddr
              Normally  each  client  IP  address is matched against each host
              identifier (name, wildcard, netgroup etc) found in  /etc/exports
              and a combined identity is formed from all matching identifiers.
              Often many clients will map to the  same  combined  identity  so
              performing  this  mapping  reduces the number of distinct access
              details that the kernel needs to store.  Specifying the  -i  op-
              tion  suppresses  this mapping so that access to each filesystem
              is requested and cached separately for each client  IP  address.
              Doing  this  can  increase  the  burden  of  updating  the cache
              slightly, but can make the log messages produced by the  -l  op-
              tion easier to read.

       -T  or  --ttl
              Provide a time-to-live (TTL) for cached information given to the
              kernel.  The kernel will normally request an update if  the  in-
              formation  is  needed  after half of this time has expired.  In-
              creasing the provided number, which is in seconds,  reduces  the
              rate  of cache update requests, and this is particularly notice-
              able when these requests are logged with -l.  However increasing
              also means that changes to hostname to address mappings can take
              longer to be noticed.  The default TTL is 1800 (30 minutes).

       -F  or  --foreground
              Run in foreground (do not daemonize)

       -h  or  --help
              Display usage message.

       -o num  or  --descriptors num
              Set the limit of the number of open file descriptors to num. The
              default is to leave the limit unchanged.

       -N mountd-version  or  --no-nfs-version mountd-version
              This  option can be used to request that rpc.mountd do not offer
              certain versions of NFS. The current version of  rpc.mountd  can
              support  both NFS version 2, 3 and 4. If the either one of these
              version should not be offered, rpc.mountd must be  invoked  with
              the option --no-nfs-version <vers> .

       -n  or  --no-tcp
              Don't advertise TCP for mount.

       -p num  or  -P num  or  --port num
              Specifies  the  port  number  used for RPC listener sockets.  If
              this option is not specified, rpc.mountd  will  try  to  consult
              /etc/services,  if  gets port succeed, set the same port for all
              listener socket, otherwise chooses a random ephemeral  port  for
              each listener socket.

              This  option  can  be used to fix the port value of rpc.mountd's
              listeners when NFS MOUNT requests must traverse a  firewall  be-
              tween clients and servers.

       -H  prog or  --ha-callout prog
              Specify  a  high availability callout program.  This program re-
              ceives callouts for all MOUNT and UNMOUNT requests.  This allows
              rpc.mountd  to be used in a High Availability NFS (HA-NFS) envi-
              ronment.

              The callout program is run with 4 arguments.  The first is mount
              or  unmount depending on the reason for the callout.  The second
              will be the name of the client performing the mount.  The  third
              will  be  the path that the client is mounting.  The last is the
              number of concurrent mounts that we believe the  client  has  of
              that path.

              This callout is not needed with 2.6 and later kernels.  Instead,
              mount the nfsd filesystem on /proc/fs/nfsd.

       -s, --state-directory-path directory
              Specify a directory in which to place  state  information  (etab
              and  rmtab).   If  this  option  is not specified the default of
              /var/lib/nfs is used.

       -r, --reverse-lookup
              rpc.mountd tracks IP addresses in the rmtab file.  When  a  DUMP
              request is made (by someone running showmount -a, for instance),
              it returns IP addresses instead of hostnames  by  default.  This
              option  causes rpc.mountd to perform a reverse lookup on each IP
              address and return that hostname  instead.   Enabling  this  can
              have a substantial negative effect on performance in some situa-
              tions.

       -t N or --num-threads=N or --num-threads N
              This  option  specifies  the  number  of  worker  threads   that
              rpc.mountd  spawns.   The default is 1 thread, which is probably
              enough.  More threads are usually only needed  for  NFS  servers
              which need to handle mount storms of hundreds of NFS mounts in a
              few seconds, or when your DNS server is slow or unreliable.

       -u  or  --no-udp
              Don't advertise UDP for mounting

       -V version  or  --nfs-version version
              This option can be used to request that rpc.mountd offer certain
              versions  of  NFS. The current version of rpc.mountd can support
              both NFS version 2 and the newer version 3.

       -v  or  --version
              Print the version of rpc.mountd and exit.

       -g  or  --manage-gids
              Accept requests from the kernel to  map  user  id  numbers  into
              lists of group id numbers for use in access control.  An NFS re-
              quest will normally (except when using Kerberos or other crypto-
              graphic  authentication) contains a user-id and a list of group-
              ids.  Due to a limitation in the NFS protocol, at most 16 groups
              ids  can  be  listed.   If you use the -g flag, then the list of
              group ids received from the client will be replaced by a list of
              group  ids  determined  by  an appropriate lookup on the server.
              Note that the 'primary' group id is not affected so  a  newgroup
              command  on  the  client will still be effective.  This function
              requires a Linux Kernel with version at least 2.6.21.

CONFIGURATION FILE
       Many of the options that can be set on the command  line  can  also  be
       controlled  through  values  set in the [mountd] or, in some cases, the
       [nfsd] sections of the /etc/nfs.conf configuration file.  Values recog-
       nized  in  the  [mountd] section include manage-gids, cache-use-ipaddr,
       descriptors, port, threads, ttl, reverse-lookup,  and  state-directory-
       path, ha-callout which each have the same effect as the option with the
       same name.

       The values recognized in the [nfsd] section include  TCP,  UDP,  vers3,
       and vers4 which each have the same meaning as given by rpc.nfsd(8).

TCP_WRAPPERS SUPPORT
       You can protect your rpc.mountd listeners using the tcp_wrapper library
       or iptables(8).

       Note that the tcp_wrapper library supports only IPv4 networking.

       Add the hostnames of NFS peers that are allowed to access rpc.mountd to
       /etc/hosts.allow.   Use  the  daemon name mountd even if the rpc.mountd
       binary has a different name.

       Hostnames used in either access file will be ignored when they can  not
       be resolved into IP addresses.  For further information see the tcpd(8)
       and hosts_access(5) man pages.

   IPv6 and TI-RPC support
       TI-RPC is a pre-requisite for supporting NFS on IPv6.  If  TI-RPC  sup-
       port  is  built into rpc.mountd, it attempts to start listeners on net-
       work transports marked 'visible' in  /etc/netconfig.   As  long  as  at
       least  one  network  transport listener starts successfully, rpc.mountd
       will operate.

FILES
       /etc/exports             input file for exportfs, listing exports,  ex-
                                port options, and access control lists

       /var/lib/nfs/rmtab       table of clients accessing server's exports

SEE ALSO
       exportfs(8),  exports(5),  showmount(8),  rpc.nfsd(8),  rpc.rquotad(8),
       nfs(5), nfs.conf(5),  tcpd(8),  hosts_access(5),  iptables(8),  netcon-
       fig(5)

       RFC 1094 - "NFS: Network File System Protocol Specification"
       RFC 1813 - "NFS Version 3 Protocol Specification"
       RFC 7530 - "Network File System (NFS) Version 4 Protocol"
       RFC  8881 - "Network File System (NFS) Version 4 Minor Version 1 Proto-
       col"

AUTHOR
       Olaf Kirch, H. J. Lu, G. Allan Morris III, and a host of others.

                                  31 Dec 2009                    rpc.mountd(8)

Want to link to this manual page? Use this URL:
<
http://star2.abcm.com/cgi-bin/bsdi-man?query=rpc.mountd&sektion=8&manpath=>

home | help