Provided by: lizardfs-master_3.12.0+dfsg-1_amd64 
NAME
mfsexports.cfg - LizardFS access control for mfsmounts
DESCRIPTION
The file mfsexports.cfg contains LizardFS access list for mfsmount clients.
SYNTAX
Syntax is:
ADDRESS DIRECTORY [OPTIONS]
Lines starting with # character are ignored.
ADDRESS can be specified in several forms:
• * all addresses
• n.n.n.n single IP address
• n.n.n.n/b IP class specified by network address and bits number
• n.n.n.n/m.m.m.m IP class specified by network address and mask
• f.f.f.f-t.t.t.t IP range specified by from-to addresses (inclusive)
DIRECTORY could be / or path relative to LizardFS root; special value . means MFSMETA
companion filesystem.
OPTIONS
ro, readonly
export tree in read-only mode (default)
rw, readwrite
export tree in read-write mode
ignoregid
disable testing of group access at mfsmaster level (it’s still done at mfsmount level)
- in this case "group" and "other" permissions are logically added; needed for
supplementary groups to work (mfsmaster receives only user primary group information)
dynamicip
allows reconnecting of already authenticated client from any IP address (the default
is to check IP address on reconnect)
maproot=USER[:GROUP]
maps root (uid=0) accesses to given user and group (similarly to maproot option in NFS
mounts); USER and GROUP can be given either as name or number; if no group is
specified, USER's primary group is used. Names are resolved on mfsmaster side (see
note below).
mapall=USER[:GROUP]
like above but maps all non privileged users (uid!=0) accesses to given user and group
(see notes below).
minversion=VER
rejects access from clients older than specified
mingoal=N, maxgoal=N
specify range in which goal can be set by users
mintrashtime=TDUR, maxtrashtime=TDUR
specify range in which trashtime can be set by users
password=PASS, md5pass=MD5
requires password authentication in order to access specified resource
alldirs
allows to mount any subdirectory of specified directory (similarly to NFS)
nonrootmeta
allows non-root users to use filesystem mounted in the meta mode (option available
only in this mode)
Default options are: ro,maproot=999:999.
NOTES
USER and GROUP names (if not specified by explicit uid/gid number) are resolved on
mfsmaster host.
TDUR can be specified as number without time unit (number of seconds) or combination of
numbers with time units. Time units are: W,D,H,M,S. Order is important - less significant
time units can’t be defined before more significant time units.
Option mapall works in LizardFS in different way than in NFS, because of using FUSE’s
"default_permissions" option. When mapall option is used, users see all objects with uid
equal to mapped uid as their own and all other as root’s objects. Similarly objects with
gid equal to mapped gid are seen as objects with current user’s primary group and all
other objects as objects with group 0 (usually wheel). With mapall option set attribute
cache in kernel is always turned off.
EXAMPLES
• * / ro
• 192.168.1.0/24 / rw
• 192.168.1.0/24 / rw,alldirs,maproot=0,password=passcode
• 10.0.0.0-10.0.0.5 /test rw,maproot=nobody,password=test
• 10.1.0.0/255.255.0.0 /public rw,mapall=1000:1000
• 10.2.0.0/16 / rw,alldirs,maproot=0,mintrashtime=2h30m,maxtrashtime=2w
COPYRIGHT
Copyright 2008-2009 Gemius SA, 2013-2015 Skytechnology sp. z o.o.
LizardFS is free software: you can redistribute it and/or modify it under the terms of the
GNU General Public License as published by the Free Software Foundation, version 3.
LizardFS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with LizardFS. If
not, see http://www.gnu.org/licenses/.
SEE ALSO
mfsmaster(8), mfsmaster.cfg(5)
02/11/2018 MFSEXPORTS.CFG(5)