Provided by: nfs-user-server_2.2beta47-23_i386 bug


       mountd - NFS mount daemon


       /usr/sbin/rpc.mountd [ -f exports-file ] [ -d facility ] [ -P port ]
       [ -Dhnprv ] [ --debug facility ] [ --exports-file=file ] [ --help ]
       [ --allow-non-root ] [ --re-export ] [ --no-spoof-trace ] [ --version ]


       The mountd program is an NFS  mount  daemon.  When  receiving  a  MOUNT
       request  from  an NFS client, it checks the request against the list of
       exported file  systems  listen  in  /etc/exports.   If  the  client  is
       permitted  to  mount  the file system, mountd creates a file handle for
       the requested directory, and adds an entry /etc/rmtab.  Upon receipt of
       an  UMOUNT  request,  it  removes the client’s entry from rmtab.  Note,
       however, that a client may still be able to use the file  handle  after
       the  UMOUNT request (for instance, if the client mounts the same remote
       file system on two different mount  points).  Similarly,  if  a  client
       reboots without notifying mountd, a stale entry will remain in rmtab.

   Running from inetd
       mountd  can  be  started  from inetd rather than at system boot time by
       adding the following two lines to /etc/inetd.conf:

       mount/1-2 dgram  rpc/udp wait  root  /usr/sbin/rpc.mountd rpc.mountd
       mount/1-2 stream rpc/tcp wait  root  /usr/sbin/rpc.mountd rpc.mountd

       When run from inetd, mountd will terminate after a  certain  period  of


       -f or --exports-file
              This option specifies the exports file, listing the clients that
              this server is prepared to serve and parameters to apply to each
              such  mount  (see exports(5)).  By default exports are read from

       -d or --debug
              Log each transaction verbosely  to  standard  error.  Valid  log
              facilities  are  call  for  the  logging  of all calls, auth for
              client authentication, fhcache for operations of the file handle
              cache,  and  rmtab  for manipulation of /etc/rmtab.  By default,
              log output is sent to syslogd unless  the  daemon  runs  in  the

       -F or --foreground
              Unlike  normal  in  operation,  mountd  will not detach from the
              terminal when given this option. When debugging is requested, it
              will be sent to standard error.

       -h or --help
              Provide a short help summary.

       -n or --allow-non-root
              Allow  incoming mount requests to be honored even if they do not
              originate  from  reserved  IP  ports.   Some  older  NFS  client
              implementations   require   this.    Some   newer   NFS   client
              implementations don’t believe in reserved port checking.

       -P portnum or --port portnum
              Makes mountd listen on port portnum instead of some random port.
              By  default,  mountd will listen on the mount/udp port specified
              in /etc/services, or, if that is undefined,  on  some  arbitrary
              port number below 1024.

       -p or --promiscuous
              Put  the  server  into  promiscuous mode where it will serve any
              host on the network.

       -r or --re-export
              Allow imported NFS or SMB file-systems to be exported.  This can
              be  used  to turn a machine into an NFS/SMB multiplier.  Caution
              should be used when re-exporting  loopback  mounts  because  re-
              entering  the  mount  point  will result in deadlock between the
              client file system code and the server.

       -t or --no-spoof-trace
              By default, mountd logs every access  by  unauthorized  clients.
              This  option  turns  off  logging of such spoof attempts for all
              hosts listed explicitly in the exports file.

       -v or --version
              Report the current version number of the program.

   Access Control
       For enhanced security, access to mountd can  be  limited  via  the  TCP
       wrapper  library  that’s  part of Wietse Venema’s tcp_wrappers package.
       Support for this option must be selected at compile time. In  order  to
       restrict  access  to all hosts on your local network (say,
       you would add the following lines to your /etc/hosts.allow file:

       rpc.mountd : 192.168.1. : allow
       rpc.mountd : ALL        : deny

       This example assumes your TCP wrapper library was compiled with options
       support  (which  I  highly  recommend). If it has been compiled without
       options  support,  you  need  to  add  the  following  two   lines   to
       /etc/hosts.allow  and  /etc/hosts.deny, respectively:

       # hosts.allow:
       rpc.mountd : 192.168.1
       # hosts.deny
       rpc.mountd : ALL

       When  changing  this  information,  you  must  restart mountd for these
       changes to take effect, either by killing and restarting, or by sending
       it the HUP signal.


       The information in /etc/rmtab is inaccurate more often than not.


       When  receiving  a SIGHUP, mountd will re-read the exports file and any
       access restrictions defined in the /etc/hosts.allow and /etc/hosts.deny
       file.  Note  that  to make export changes take effect, you have to send
       nfsd a SIGHUP as well.




       exports(5), nfsd(8), ugidd(8C), showmount(8).

                                11 August 1997                       MOUNTD(8)