Poster of Linux kernelThe best gift for a Linux geek
rfsd

rfsd

Section: remotefs (8) Updated: 0.11
Local index Up
 

NAME

rfsd - remotefs server  

SYNOPSIS

rfsd [OPTION]  

OPTIONS

-h

Show help

-a ADDRESS

Listen for connections on ADDRESS

-p PORT

Listen for connections on PORT

-u USERNAME

Worker process be running with privileges of USERNAME

-g GROUPNAME

Worker process be running with privileges of GROUP

-r PATH

Change pidfile path from default to PATH

-e PATH

Load exports from PATH

-s PATH

Load passwords from PATH
 

DESCRIPTION

rfsd may work in two modes:  

Just file server

For this mode all users may be authenticated by IP-address or login and password. All users will be able to read files in exported directory and write to files unless there is an "ro" option specified for this export.

rfsd worker process will be running with privileges of user (and group) specified by -u and -g options (root by default). Alternatively, worker process user and group may be overridden by specifying "user=" and "group=" options for a particular export.  

UGO compatibility mode

For this mode, rfsd will log the user into the server's OS. It's like remote shell, but without the actual shell, just for file access. To enable this mode, set option "ugo" for export(s).

If ugo option is specified, -u and -g options in rsfd command line as well as "user=", "group=" and "ro" options in exports file are ignored.

You need to create system users with the same names as remotefs users. However, rfsd will not use system passwords database for authentication, it will use rfspasswd database instead.

In this mode users could use chown and chmod commands to set access rights. Remote and local systems should be synced for this mode to work fully. Otherwise the server may refuse to set the owner if it isn't aware of the specified user or group and the client may report the wrong owner or group.

See rfs(1) for description of side effects of unsynced systems at client's side.  

SECURITY NOTES

Official recommendation for remotefs is to keep it away from untrusted networks. You normally setup rfsd to listen on a local network. If you absolutely need to use it over the Internet, you should at least firewall the connection with a specific IP-address.

Please consider this advice seriously.

BTW, rfsd will warn you about listening on an interface that is not local and will refuse to run until -q option is provided, or a local interface is specified.  

NOTE ABOUT SSL (in SVN)

Current SSL support uses certificates, but doesn't verify them. (Using certificates is an SSL requirement). For that reason it is currently vulnerable to the "Man-in-the-middle" attack (http://en.wikipedia.org/wiki/Man_in_the_middle).

We're only providing an encrypted session without any peer verification. Please keep it in mind when using built-in SSL.

If you're not satisfied with this, please consider other approaches like stunnel or ssl -L.  

EXAMPLES

Please refer to examples in /etc/rfs-exports  

AUTHORS

Aleksey Tulinov: aleksey_t@users.sourceforge.net
Jean-Jacques Sarton: jjsarton@users.sourceforge.net  

REPORTING BUGS

See remotefs project on SourceForge: http://remotefs.sourceforge.net/  

COPYING

GNU General Public License (GPL)  

SEE ALSO

rfs(1), rfspasswd(8)


 

Index

NAME
SYNOPSIS
OPTIONS
DESCRIPTION
Just file server
UGO compatibility mode
SECURITY NOTES
NOTE ABOUT SSL (in SVN)
EXAMPLES
AUTHORS
REPORTING BUGS
COPYING
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 22:41:40 GMT, April 16, 2011