12278 New usr/src/man/man4/nfs.4

   1 .\"
   2 .\" The contents of this file are subject to the terms of the
   3 .\" Common Development and Distribution License (the "License").
   4 .\" You may not use this file except in compliance with the License.
   5 .\"
   6 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   7 .\" or http://www.opensolaris.org/os/licensing.
   8 .\" See the License for the specific language governing permissions
   9 .\" and limitations under the License.
  10 .\"
  11 .\" When distributing Covered Code, include this CDDL HEADER in each
  12 .\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  13 .\" If applicable, add the following below this CDDL HEADER, with the
  14 .\" fields enclosed by brackets "[]" replaced with your own identifying
  15 .\" information: Portions Copyright [yyyy] [name of copyright owner]
  16 .\"
  17 .\"
  18 .\" Copyright 1989 AT&T
  19 .\" Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved.
  20 .\" Copyright 2016 Nexenta Systems, Inc.
  21 .\" Copyright 2020 Joyent, Inc.
  22 .\"
  23 .Dd February 4, 2020
  24 .Dt NFS 4
  25 .Os
  26 .Sh NAME
  27 .Nm nfs
  28 .Nd NFS configuration properties
  29 .Sh DESCRIPTION
  30 The behavior of the
  31 .Xr nfsd 1M ,
  32 .Xr nfsmapid 1M ,
  33 .Xr lockd 1M ,
  34 and
  35 .Xr mountd 1M
  36 daemons and
  37 .Xr mount_nfs 1M
  38 command is controlled by property values that are stored in the Service
  39 Management Facility, smf(5).
  40 The
  41 .Xr sharectl 1M
  42 command should be used to query or change values for these properties.
  43 .Pp
  44 Changes made to
  45 .Nm
  46 property values on the
  47 .Nm nfsd ,
  48 .Nm lockd ,
  49 .Nm mountd ,
  50 or
  51 .Nm mount_nfs
  52 command line override the values set using
  53 .Xr sharectl 1M .
  54 .Pp
  55 The following list describes the properties:
  56 .Bl -tag -width Ds
  57 .It Xo
  58 .Sy client_versmin Ns = Ns Ar num
  59 .br
  60 .Sy client_versmax Ns = Ns Ar num
  61 .Xc
  62 The NFS client only uses NFS versions in the range specified by these
  63 properties.
  64 Valid values of versions are: 2, 3, and 4.
  65 Default minimum version is
  66 .Li 2 ,
  67 while default maximum is
  68 .Li 4 .
  69 .Pp
  70 You can override this range on a per-mount basis by using the
  71 .Fl o Sy vers Ns =
  72 option to
  73 .Xr mount_nfs 1M .
  74 .It Xo
  75 .Sy server_versmin Ns = Ns Ar num
  76 .br
  77 .Sy server_versmax Ns = Ns Ar num
  78 .Xc
  79 The NFS server only uses NFS versions in the range specified by these
  80 properties.
  81 Valid values of versions are: 2, 3, and 4.
  82 Default minimum version is
  83 .Li 2 ,
  84 while the default maximum version is
  85 .Li 4 .
  86 .It Sy server_delegation Ns = Ns Sy on Ns | Ns Sy off
  87 By default the NFS server provides delegations to clients.
  88 The user can turn off delegations for all exported filesystems by setting this
  89 variable to
  90 .Li off .
  91 This variable only applies to NFS Version 4.
  92 .It Sy nfsmapid_domain Ns = Ns Op Ar string
  93 By default, the
  94 .Nm nfsmapid
  95 uses the DNS domain of the system.
  96 This setting overrides the default.
  97 This domain is used for identifying user and group attribute strings in the NFS
  98 Version 4 protocol.
  99 Clients and servers must match with this domain for operation to proceed
 100 normally.
 101 This variable only applies to NFS Version 4.
 102 See
 103 .Sx Setting nfsmapid_domain
 104 below for further details.
 105 .It Sy max_connections Ns = Ns Ar num
 106 Sets the maximum number of concurrent, connection-oriented connections.
 107 The default is
 108 .Li -1
 109 .Pq unlimited .
 110 Equivalent to the
 111 .Fl c
 112 option in
 113 .Nm nfsd .
 114 .It Sy listen_backlog Ns = Ns Ar num
 115 Set connection queue length for the NFS over a connection-oriented transport.
 116 The default value is
 117 .Li 32 ,
 118 meaning 32 entries in the queue.
 119 Equivalent to the
 120 .Fl l
 121 option in
 122 .Nm nfsd .
 123 .It Sy protocol Ns = Ns Op Sy all Ns | Ns Ar protocol
 124 Start
 125 .Nm nfsd
 126 over the specified protocol only.
 127 Equivalent to the
 128 .Fl p
 129 option in
 130 .Nm nfsd .
 131 .Sy all
 132 is equivalent to
 133 .Fl a
 134 on the
 135 .Nm nfsd
 136 command line.
 137 Mutually exlusive of
 138 .Sy device .
 139 For the UDP protocol, only version 2 and version 3 service is established.
 140 NFS Version 4 is not supported for the UDP protocol.
 141 .It Sy device Ns = Ns Op Ar devname
 142 Start NFS daemon for the transport specified by the given device only.
 143 Equivalent to the
 144 .Fl t
 145 option in
 146 .Nm nfsd .
 147 Mutually exclusive of
 148 .Sy protocol .
 149 .It Sy servers Ns = Ns Ar num
 150 Maximum number of concurrent NFS requests.
 151 Equivalent to last numeric argument on the
 152 .Nm nfsd
 153 command line.
 154 The default is
 155 .Li 1024 .
 156 .It Sy lockd_listen_backlog Ns = Ns Ar num
 157 Set connection queue length for
 158 .Nm lockd
 159 over a connection-oriented transport.
 160 The default and minimum value is
 161 .Li 32 .
 162 .It Sy lockd_servers Ns = Ns Ar num
 163 Maximum number of concurrent
 164 .Nm lockd
 165 requests.
 166 The default is 256.
 167 .It Sy lockd_retransmit_timeout Ns = Ns Ar num
 168 Retransmit timeout, in seconds, before
 169 .Nm lockd
 170 retries.
 171 The default is
 172 .Li 5 .
 173 .It Sy grace_period Ns = Ns Ar num
 174 Grace period, in seconds, that all clients
 175 .Pq both NLM and NFSv4
 176 have to reclaim locks after a server reboot.
 177 This parameter also controls the NFSv4 lease interval.
 178 The default is
 179 .Li 90 .
 180 .It Sy mountd_listen_backlog Ns = Ns Ar num
 181 Set the connection queue length for
 182 .Nm mountd
 183 over a connection-oriented transport.
 184 The default value is
 185 .Li 64 .
 186 .It Sy mountd_max_threads Ns = Ns Ar num
 187 Maximum number of threads for
 188 .Nm mountd .
 189 The default value is
 190 .Li 16 .
 191 .It Sy mountd_port Ns = Ns Ar num
 192 The IP port number on which
 193 .Nm mountd
 194 should listen.
 195 The default value is
 196 .Li 0 ,
 197 which means it should use a default binding.
 198 .It Sy statd_port Ns = Ns Ar num
 199 The IP port number on which
 200 .Nm statd
 201 should listen.
 202 The default value is
 203 .Li 0 ,
 204 which means it should use a default binding.
 205 .El
 206 .Ss Setting nfsmapid_domain
 207 As described above, the setting for
 208 .Sy nfsmapid_domain
 209 overrides the domain used by
 210 .Xr nfsmapid 1M
 211 for building and comparing outbound and inbound attribute strings, respectively.
 212 This setting overrides any other mechanism for setting the NFSv4 domain.
 213 In the absence of a
 214 .Sy nfsmapid_domain
 215 setting, the
 216 .Xr nfsmapid 1M
 217 daemon determines the NFSv4 domain as follows:
 218 .Bl -bullet
 219 .It
 220 If a properly configured
 221 .Pa /etc/resolv.conf
 222 .Po see
 223 .Xr resolv.conf 4
 224 .Pc
 225 exists,
 226 .Nm nfsmapid
 227 queries specified nameserver(s) for the domain.
 228 .It
 229 If a properly configured
 230 .Pa /etc/resolv.conf
 231 .Po see
 232 .Xr resolv.conf 4
 233 .Pc
 234 exists, but the queried nameserver does not have a proper record of the domain
 235 name,
 236 .Nm nfsmapid
 237 attempts to obtain the domain name through the BIND interface
 238 .Po see
 239 .Xr resolver 3RESOLV
 240 .Pc .
 241 .It
 242 If no
 243 .Pa /etc/resolv.conf
 244 exists,
 245 .Nm nfsmapid
 246 falls back on using the configured domain name
 247 .Po see
 248 .Xr domainname 1M
 249 .Pc ,
 250 which is returned with the leading domain suffix removed.
 251 For example, for
 252 .Li widgets.sales.acme.com ,
 253 .Li sales.acme.com
 254 is returned.
 255 .It
 256 If
 257 .Pa /etc/resolv.conf
 258 does not exist, no domain name has been configured
 259 .Po or no
 260 .Pa /etc/defaultdomain
 261 exists
 262 .Pc ,
 263 .Nm nfsmapid
 264 falls back on obtaining the domain name from the host name, if the host name
 265 contains a fully qualified domain name
 266 .Pq FQDN .
 267 .El
 268 .Pp
 269 If a domainname is still not obtained following all of the preceding steps,
 270 .Nm nfsmapid
 271 will have no domain configured.
 272 This results in the following behavior:
 273 .Bl -bullet
 274 .It
 275 Outbound
 276 .Qq owner
 277 and
 278 .Qq owner_group
 279 attribute strings are encoded as literal id's.
 280 For example, the UID 12345 is encoded as
 281 .Li 12345 .
 282 .It
 283 .Nm nfsmapid
 284 ignores the
 285 .Qq domain
 286 portion of the inbound attribute string and performs name service lookups only
 287 for the user or group.
 288 If the user/group exists in the local system name service databases, then the
 289 proper uid/gid will be mapped even when no domain has been configured.
 290 .Pp
 291 This behavior implies that the same administrative user/group domain exists
 292 between NFSv4 client and server (that is, the same uid/gid's for users/groups
 293 on both client and server).
 294 In the case of overlapping id spaces, the inbound attribute string could
 295 potentially be mapped to the wrong id.
 296 However, this is not functionally different from mapping the inbound string to
 297 .Sy nobody ,
 298 yet provides greater flexibility.
 299 .El
 300 .Sh ZONES
 301 NFS can be served out of a non-global zone.
 302 All of the above documentation applies to an in-zone NFS server.
 303 File sharing in zones is restricted to filesystems a zone completely controls.
 304 Some zone brands (see
 305 .Xr brands 5 )
 306 do not give the zone's root its own filesystem, for example.
 307 Delegated ZFS datasets to a zone are shareable, as well as lofs-remounted
 308 directories.
 309 The zone must have sys_nfs privileges; most brands grant this already.
 310 .Sh SEE ALSO
 311 .Xr lockd 1M ,
 312 .Xr mount_nfs 1M ,
 313 .Xr mountd 1M ,
 314 .Xr nfsd 1M ,
 315 .Xr nfsmapid 1M ,
 316 .Xr sharectl 1M ,
 317 .Xr brands 5 ,
 318 .Xr smf 5 ,
 319 .Xr zones 5