1 .\" 2 .\" The contents of this file are subject to the terms of the 3 .\" Common Development and Distribution License (the "License"). 4 .\" You may not use this file except in compliance with the License. 5 .\" 6 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 7 .\" or http://www.opensolaris.org/os/licensing. 8 .\" See the License for the specific language governing permissions 9 .\" and limitations under the License. 10 .\" 11 .\" When distributing Covered Code, include this CDDL HEADER in each 12 .\" file and include the License file at usr/src/OPENSOLARIS.LICENSE. 13 .\" If applicable, add the following below this CDDL HEADER, with the 14 .\" fields enclosed by brackets "[]" replaced with your own identifying 15 .\" information: Portions Copyright [yyyy] [name of copyright owner] 16 .\" 17 .\" 18 .\" Copyright 1989 AT&T 19 .\" Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved. 20 .\" Copyright 2016 Nexenta Systems, Inc. 21 .\" 22 .Dd November 16, 2016 23 .Dt NFS 4 24 .Os 25 .Sh NAME 26 .Nm nfs 27 .Nd NFS configuration properties 28 .Sh DESCRIPTION 29 The behavior of the 30 .Xr nfsd 1M , 31 .Xr nfsmapid 1M , 32 .Xr lockd 1M , 33 and 34 .Xr mountd 1M 35 daemons and 36 .Xr mount_nfs 1M 37 command is controlled by property values that are stored in the Service 38 Management Facility, smf(5). The 39 .Xr sharectl 1M 40 command should be used to query or change values for these properties. 41 .Pp 42 Changes made to 43 .Nm 44 property values on the 45 .Nm nfsd , 46 .Nm lockd , 47 .Nm mountd , 48 or 49 .Nm mount_nfs 50 command line override the values set using 51 .Xr sharectl 1M . 52 .Pp 53 The following list describes the properties: 54 .Bl -tag -width Ds 55 .It Xo 56 .Sy client_versmin Ns = Ns Ar num 57 .br 58 .Sy client_versmax Ns = Ns Ar num 59 .Xc 60 The NFS client only uses NFS versions in the range specified by these 61 properties. Valid values of versions are: 2, 3, and 4. Default minimum version 62 is 63 .Li 2 , 64 while default maximum is 65 .Li 4 . 66 .Pp 67 You can override this range on a per-mount basis by using the 68 .Fl o Sy vers Ns = 69 option to 70 .Xr mount_nfs 1M . 71 .It Xo 72 .Sy server_versmin Ns = Ns Ar num 73 .br 74 .Sy server_versmax Ns = Ns Ar num 75 .Xc 76 The NFS server only uses NFS versions in the range specified by these 77 properties. Valid values of versions are: 2, 3, and 4. Default minimum version 78 is 79 .Li 2 , 80 while the default maximum version is 81 .Li 4 . 82 .It Sy server_delegation Ns = Ns Sy on Ns | Ns Sy off 83 By default the NFS server provides 84 delegations to clients. The user can turn off delegations for all exported 85 filesystems by setting this variable to 86 .Li off . 87 This variable only applies to NFS Version 4. 88 .It Sy nfsmapid_domain Ns = Ns Op Ar string 89 By default, the 90 .Nm nfsmapid 91 uses the DNS domain of the system. This setting overrides the default. This 92 domain is used for identifying user and group attribute strings in the NFS 93 Version 4 protocol. Clients and servers must match with this domain for 94 operation to proceed normally. This variable only applies to NFS Version 4. See 95 .Sx Setting nfsmapid_domain 96 below for further details. 97 .It Sy max_connections Ns = Ns Ar num 98 Sets the maximum number of concurrent, connection-oriented connections. The 99 default is 100 .Li -1 101 .Pq unlimited . 102 Equivalent to the 103 .Fl c 104 option in 105 .Nm nfsd . 106 .It Sy listen_backlog Ns = Ns Ar num 107 Set connection queue length for the NFS over a connection-oriented transport. 108 The default value is 109 .Li 32 , 110 meaning 32 entries in the queue. Equivalent to the 111 .Fl l 112 option in 113 .Nm nfsd . 114 .It Sy protocol Ns = Ns Op Sy all Ns | Ns Ar protocol 115 Start 116 .Nm nfsd 117 over the specified protocol only. Equivalent to the 118 .Fl p 119 option in 120 .Nm nfsd . 121 .Sy all 122 is equivalent to 123 .Fl a 124 on the 125 .Nm nfsd 126 command line. Mutually exlusive of 127 .Sy device . 128 For the UDP protocol, only version 2 and version 3 service is established. NFS 129 Version 4 is not supported for the UDP protocol. 130 .It Sy device Ns = Ns Op Ar devname 131 Start NFS daemon for the transport specified by the given device only. 132 Equivalent to the 133 .Fl t 134 option in 135 .Nm nfsd . 136 Mutually exclusive of 137 .Sy protocol . 138 .It Sy servers Ns = Ns Ar num 139 Maximum number of concurrent NFS requests. Equivalent to last numeric argument 140 on the 141 .Nm nfsd 142 command line. The default is 143 .Li 16 . 144 .It Sy lockd_listen_backlog Ns = Ns Ar num 145 Set connection queue length for 146 .Nm lockd 147 over a connection-oriented transport. The default and minimum value is 148 .Li 32 . 149 .It Sy lockd_servers Ns = Ns Ar num 150 Maximum number of concurrent 151 .Nm lockd 152 requests. The default is 20. 153 .It Sy lockd_retransmit_timeout Ns = Ns Ar num 154 Retransmit timeout, in seconds, before 155 .Nm lockd 156 retries. The default is 157 .Li 5 . 158 .It Sy grace_period Ns = Ns Ar num 159 Grace period, in seconds, that all clients 160 .Pq both NLM and NFSv4 161 have to reclaim locks after a server reboot. This parameter also controls the 162 NFSv4 lease interval. The default is 163 .Li 90 . 164 .It Sy mountd_listen_backlog Ns = Ns Ar num 165 Set the connection queue length for 166 .Nm mountd 167 over a connection-oriented transport. The default value is 168 .Li 64 . 169 .It Sy mountd_max_threads Ns = Ns Ar num 170 Maximum number of threads for 171 .Nm mountd . 172 The default value is 173 .Li 16 . 174 .El 175 .Ss Setting nfsmapid_domain 176 As described above, the setting for 177 .Sy nfsmapid_domain 178 overrides the domain used by 179 .Xr nfsmapid 1M 180 for building and comparing outbound and inbound attribute strings, respectively. 181 This setting overrides any other mechanism for setting the NFSv4 domain. In the 182 absence of a 183 .Sy nfsmapid_domain 184 setting, the 185 .Xr nfsmapid 1M 186 daemon determines the NFSv4 domain as follows: 187 .Bl -bullet 188 .It 189 If a properly configured 190 .Pa /etc/resolv.conf 191 .Po see 192 .Xr resolv.conf 4 193 .Pc 194 exists, 195 .Nm nfsmapid 196 queries specified nameserver(s) for the domain. 197 .It 198 If a properly configured 199 .Pa /etc/resolv.conf 200 .Po see 201 .Xr resolv.conf 4 202 .Pc 203 exists, but the queried nameserver does not have a proper record of the domain 204 name, 205 .Nm nfsmapid 206 attempts to obtain the domain name through the BIND interface 207 .Po see 208 .Xr resolver 3RESOLV 209 .Pc . 210 .It 211 If no 212 .Pa /etc/resolv.conf 213 exists, 214 .Nm nfsmapid 215 falls back on using the configured domain name 216 .Po see 217 .Xr domainname 1M 218 .Pc , 219 which is returned with the leading domain suffix removed. For example, for 220 .Li widgets.sales.acme.com , 221 .Li sales.acme.com 222 is returned. 223 .It 224 If 225 .Pa /etc/resolv.conf 226 does not exist, no domain name has been configured 227 .Po or no 228 .Pa /etc/defaultdomain 229 exists 230 .Pc , 231 .Nm nfsmapid 232 falls back on obtaining the domain name from the host name, if the host name 233 contains a fully qualified domain name 234 .Pq FQDN . 235 .El 236 .Pp 237 If a domainname is still not obtained following all of the preceding steps, 238 .Nm nfsmapid 239 will have no domain configured. This results in the following behavior: 240 .Bl -bullet 241 .It 242 Outbound 243 .Qq owner 244 and 245 .Qq owner_group 246 attribute strings are encoded as literal id's. For example, the UID 12345 is 247 encoded as 248 .Li 12345 . 249 .It 250 .Nm nfsmapid 251 ignores the 252 .Qq domain 253 portion of the inbound attribute string and performs name service lookups only 254 for the user or group. If the user/group exists in the local system name service 255 databases, then the proper uid/gid will be mapped even when no domain has been 256 configured. 257 .Pp 258 This behavior implies that the same administrative user/group domain exists 259 between NFSv4 client and server (that is, the same uid/gid's for users/groups 260 on both client and server). In the case of overlapping id spaces, the inbound 261 attribute string could potentially be mapped to the wrong id. However, this is 262 not functionally different from mapping the inbound string to 263 .Sy nobody , 264 yet provides greater flexibility. 265 .El 266 .Sh SEE ALSO 267 .Xr lockd 1M , 268 .Xr mount_nfs 1M , 269 .Xr mountd 1M , 270 .Xr nfsd 1M , 271 .Xr nfsmapid 1M , 272 .Xr sharectl 1M , 273 .Xr smf 5