Provided by: nfs-user-server_2.2beta47-25_i386 bug

NAME

       nfsd - NFS service daemon

SYNOPSIS

       /usr/sbin/rpc.nfsd [ -f exports-file ] [ -d facility ] [ -P port ]
       [ -R dirname ] [ -Fhlnprstv ] [ --debug facility ]
       [ --exports-file=file ] [ --foreground ] [ --help ]
       [ --allow-non-root ] [ --re-export ] [ --public-root dirname ]
       [ --no-spoof-trace ] [ --port port ] [ --log-transfers ] [ --version ]
       [ numservers ]

DESCRIPTION

       The  nfsd  program  is  an  NFS  service  daemon  that  handles  client
       filesystem  requests.  Unlike on some other systems, nfsd operates as a
       normal user-level process.  The server  also  differs  from  other  NFS
       server  implementations  in that it mounts an entire file hierarchy not
       limited by the boundaries of physical file-systems.  The implementation
       allows the clients read-only or read-write access to the file hierarchy
       of the server machine.

       The mountd program starts an ancillary user-level mount daemon.

   Running from inetd
       Usually, nfsd will be started at system boot  time.  However,  you  may
       also  invoke  it  from  inetd  by  adding  the  following  two lines to
       /etc/inetd.conf:

       nfs/2 dgram  rpc/udp wait root /usr/sbin/rpc.nfsd rpc.nfsd
       nfs/2 stream rpc/tcp wait root /usr/sbin/rpc.nfsd rpc.nfsd

       When  run  from  inetd,  will  terminate  after  a  certain  period  of
       inactivity.

OPTIONS

       -f or --exports-file
              This option specifies the exports file, listing the clients that
              this server is prepared to serve and parameters to apply to each
              such  mount  (see exports(5)).  By default exports are read from
              /etc/exports.

       -d facility or --debug facility
              Log  operations  verbosely.  Legal  values  for   facility   are
              currently  call  for  the  logging  of  RPC calls and arguments,
              fhcache for the  file  handle  cache  operation,  auth  for  the
              authentication  routines,  and ugid for the uid mapping code, if
              used. Debug messages will be  logged  to  syslog(8)  unless  the
              daemon runs in the foreground.

       -F or --foreground
              Unlike  in  normal  operation,  nfsd  will  not  detach from the
              terminal when given this option. When debugging is requested, it
              will be sent to standard error.

       -h or --help
              Provide a short help summary.

       -l or --log-transfers
              Tries  to  catch  all  files  retrieved from and written the NFS
              server. This is mainly for the benefit of anonymous NFS  exports
              and is intended to mimick the xferlog file supported by some FTP
              daemons. For each file store  or  retrieve,  a  single  line  is
              written  to  the  system  log  daemon containing the client’s IP
              address, and the file name. The  log  level  of  these  transfer
              records is daemon.info.

       -n or --allow-non-root
              Allow  incoming  NFS  requests to be honored even if they do not
              originate  from  reserved  IP  ports.   Some  older  NFS  client
              implementations   require   this.    Some   newer   NFS   client
              implementations don’t believe in reserved  port  checking.  This
              check  can  be turned off for individual hosts by specifying the
              insecure export option in /etc/exports.

       -P portnum or --port portnum
              Makes nfsd listen on port portnum instead of  the  default  port
              2049. By default, nfsd will listen on the nfs/udp port specified
              in /etc/services, or, if that is undefined, on port 2049.

       -p or --promiscuous
              Put the server into promiscuous mode where  it  will  serve  any
              host on the network.

       -r or --re-export
              Allow remotely mounted file-systems to be exported.  This can be
              used to turn a machine into  a  multiplier  for  NFS  or  Novell
              servers.  Caution  should be used when re-exporting loopback NFS
              mounts because  re-entering  the  mount  point  will  result  in
              deadlock between the NFS client and the NFS server.

              It  should  be  noted  that  (on  Linux) nfsd looks at the major
              device number of the file system to find out  whether  it  is  a
              remote volume; if the major number is not 0, it assumes the file
              system is local. However, not only remote file systems use major
              number  0, also procfs does. If you choose to re-export NFS file
              systems, beware that this potentially includes /proc if you have
              the  file  system  root exported. This poses a security problem,
              and you should avoid this situation if possible.

       -t or --no-spoof-trace
              By default, nfsd logs every access by unauthorized clients. This
              option  turns  off  logging of such spoof attempts for all hosts
              listed explicitly in the exports file.

       -R or --public-root
              Specifies the directory associated with the public file  handle.
              See the section on WebNFS below.

       -v or --version
              Report the current version number of the program.

       numcopies
              This  is  an  experimental  feature  that  lets  you run several
              instances of nfsd in parallel. When given a value  of  numcopies
              greater  than  one, nfsd will fork as many times as specified by
              this value.  However, the servers do not  share  a  common  file
              handle cache, which makes certain file operations impossible.

              For  this  reason,  nfsd will disallow all write operations when
              invoked with this option. Although this is very  limiting,  this
              feature may still prove useful for exporting public FTP areas or
              Usenet News spools.

   WebNFS Support
       WebNFS is an extension to the normal NFS protocol developed by Sun that
       is  particularly  well-suited for file retrieval over the Internet, and
       is intended to be used (among others) from Web browsers.

       Central to the concept is the so-called public file handle. This  is  a
       special  NFS  file  handle  used  by  the  NFS client (i.e. browser) to
       retrieve a file without having to go through the mount protocol.   This
       file  handle must be associated with a directory on the server machine,
       relative to which it evaluates  filenames.  This  is  the  public  root
       directory,  which  can  be specified using the --public-root option.  A
       Web server, for instance, would probably use the root of its Web server
       as the public root (e.g. /home/httpd).  A Web broser requesting the URL
       nfs://foo.bar.edu/zappa.html   would   then   be   given    the    file
       /home/httpd/zappa.html.   For  ease  of  maintenance,  the  public root
       directory can also be specified using a special entry  in  the  exports
       file (see exports(5) for details).

       Naming  a  public root does not automatically export it; you still must
       explicitly do that in  /etc/exports  in  order  to  actually  make  the
       directory accessible.  A useful set of options to export data to WebNFS
       clients is ro,all_squash,insecure.  Please refer to  exports(5)  for  a
       detailed explanation of these flags.

       Also  note that a WebNFS client can also access files not located below
       the public root directory as long as  they  are  exported  to  him.  In
       particular,  if you have /home/ftp exported to the world in addition to
       the Web server’s home directory, a web client may be able to access FTP
       files  via  nfs://foo.bar.edu/../ftp/README.   Of course, this does not
       apply to files that are not exported to the client.

SIGNALS

       nfsd recognizes the following signals:

       SIGHUP causes nfsd to re-read the export file and flush the file handle
              cache. If a public root was specified, this will also regenerate
              the file  handle  associated  with  the  public  directory  name
              (useful when exporting a removable file system).

       SIGUSR1
              When  nfsd  was  invoked  with  debugging  options, sending this
              signal toggles generation of debug information.

       SIGIOT When compiled with with the -DCALL_PROFILING option,  sending  a
              SIGIOT  to  nfsd will cause dump the average execution times per
              NFS operation into /tmp/nfsd.profile.

BUGS

       nfsd does not support the retrieval of index.html files when  asked  to
       look  up a directory file name. This is not an RFC requirement, so it’s
       rather a feature absent than a true bug.

       The --log-transfers option is not always accurate  since  there  is  no
       equivalent  to the UNIX file system open() and close() calls in the NFS
       protocol. Instead, nfsd  writes  out  a  transfer  record  whenever  it
       encounters a READ or WRITE request at offset zero.

SEE ALSO

       exports(5), mountd(8), ugidd(8C)

AUTHORS

       Mark  Shand  wrote  the  orignal  unfsd.   Don Becker extended unfsd to
       support authentication and allow read-write access and called it  hnfs.
       Rick   Sladkey  added  host  matching,  showmount  -e  support,  mountd
       authentication,  inetd  support,  and  all  of  the   portability   and
       configuration  code.   Olaf  Kirch  fixed one or two security holes and
       other bugs, added the uid mapping and a couple of other things.

                                11 August 1997                         NFSD(8)