1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
|
.TH NFSSERVER 8
.SH NAME
nfsserver, portmapper, pcnfsd, 9auth \- NFS service
.SH SYNOPSIS
.B aux/nfsserver
[
.I rpc-options...
]
[
.I nfs-options...
]
.br
.B aux/pcnfsd
[
.I rpc-options...
]
.br
.B aux/portmapper
[
.I rpc-options...
]
.SH DESCRIPTION
These programs collectively provide NFS access to Plan 9 file servers.
.IR Nfsserver ,
.IR pcnfsd ,
and
.I portmapper
run on a Plan 9 CPU server, and should be started in that order.
All users on client machines have the
access privileges of the Plan 9 user
.LR none .
.PP
The
.I rpc-options
are all intended for debugging:
.nr zz \w'\f5-a\f2 addr'+2n/1n
.TP \n(zz
.B -r
Reject: answer all RPC requests by returning the
.B AUTH_TOOWEAK
error.
.TP
.B -v
Verbose: show all RPC calls and internal program state, including 9P messages.
(In any case, the program creates a file
.BI /srv/ name .chat
where
.I name
is that of the program; echoing
.L 1
or
.L 0
into this file sets or clears the
.B -v
flag dynamically.)
.TP
.B -D
Debug: show all RPC messages (at a lower level than
.BR -v ).
This flag may be repeated to get more detail.
.TP
.B -C
Turn off caching: do not answer RPC requests using the
RPC reply cache.
.PP
The
.I nfs-options
are:
.TP \n(zz
.BI -a " addr"
Set up NFS service for the 9P server at network address
.IR addr .
.TP
.BI -f " file"
Set up NFS service for the 9P server at
.I file
(typically an entry in
.BR /srv ).
.TP
.B -n
Do not allow per-user authentication.
.TP
.BI -c " file"
.I File
contains the uid/gid map configuration. It is read at startup
and subsequently every hour (or if
.L c
is echoed into
.BR /srv/nfsserver.chat ).
Blank lines or lines beginning with
.L #
are ignored; lines beginning with
.L !
are executed as commands; otherwise lines contain four fields
separated by white space: a regular expression (in the notation of
.IR regexp (6))
for a class of servers, a regular expression for
a class of clients, a file of user id's (in the format of a Unix
password file), and a file of group id's (same format).
.PP
NFS clients must be in the Plan 9
.B /lib/ndb
database.
The machine name is deduced from the IP address via
.BR ndb/query .
The machine name specified in the NFS Unix credentials
is completely ignored.
.PP
.I Pcnfsd
is a toy program that authorizes PC-NFS clients. All clients
are mapped to uid=1, gid=1
.RB ( daemon
on most systems) regardless of name or password.
.SH EXAMPLES
A simple
.B /lib/ndb/nfs
might contain:
.PP
.EX
!9fs tcp!ivy
\&.+ [^.]+\e.cvrd\e.hall\e.edu /n/ivy/etc/passwd /n/ivy/etc/group
.EE
.PP
A typical entry in
.B /rc/bin/cpurc
might be:
.PP
.EX
aux/nfsserver -a il!bootes -a il!fornax -c /lib/ndb/nfs
aux/pcnfsd
aux/portmapper
.EE
.PP
Assuming the cpu server's name is
.BR eduardo ,
the mount commands on the client would be:
.PP
.EX
/etc/mount -o soft,intr eduardo:bootes /n/bootes
/etc/mount -o soft,intr eduardo:fornax /n/fornax
.EE
.PP
Note that a single instance of
.I nfsserver
may provide access to several 9P servers.
.SH FILES
.TF /lib/ndb/nfs
.TP
.B /lib/ndb/nfs
List of uid/gid maps.
.TP
.B /sys/log/nfs
Log file.
.SH SOURCE
.B /sys/src/cmd/9nfs
.SH BUGS
It would be nice to provide authentication for users, but Unix systems
provide too low a level of security to be trusted in a Plan 9 world.
.SH SEE ALSO
RFC1057,
.I "RPC: Remote Procedure Call Protocol Specification, Version 2."
.br
RFC1094,
.I "NFS: Network File System Protocol Specification."
|
