Section: Maintenance Commands (8)Updated: 05 Jan 2008Local indexUp
unfsd - NFS server process
program implements the MOUNT and NFS version 3 protocols. It listens for
client requests, performs them on the local filesystem of the server, and
then returns the results of the operations to the clients.
reads the exports file,
by default, to find out which directories are available to clients
and what options are in effect (see
section below for syntax and possible options).
should be run as the
user. It will then switch its effective
user and group id to the numbers listed in incoming NFS requests. This
means filesystem operations will be performed as if done by a local
user with the same ids. If the incoming request is for user or group
id 0 (meaning
will switch to the user and group id of the
user before performing filesystem operations (this is known as
If the user
does not exist on the system, a user and group id of 65534 will be used.
This behavior can be modified by use of the
options in the exports file as well as the
options on a per-share basis.
is running as a normal unprivileged user, no switching of the effective
user and group id will take place. Instead, all filesystem operations
will be performed with the id of the user running
Some NFS clients may attempt to perform operations that
cannot fully support.
When creating filesystem objects, it is only possible to specify the
initial mode for the object. The initial user and group ownership,
object size, and timestamps cannot be specified and will be set to
The network lock manager (NLM) protocol is not supported. This means that
clients may have to mount with special mount options, disabling locking
on the mounted NFS volume (nolock for Linux clients).
Display a short option summary.
Use the given file as the exports file, instead of using
Note that the file needs to be specified using an absolute path.
Use the given file as pid file. When the daemon starts up, it will
write its pid (process id) to the given file. Upon exit, the daemon
will remove the file. Failure to create or remove the pid file is
not considered fatal and only reported to syslog.
Use an unprivileged port for NFS and MOUNT service. Normally,
will use port number 2049, which is the standard port for NFS.
When this option is in effect, arbitrary ports chosen by the RPC library
will be used. You may need to use this option when running
from a normal user account.
Use the specified port for the NFS service.
Use the specified port for the MOUNT service. The default is to
use port number 2049, the same as for the NFS service. You can use
the same port for both services if you want.
TCP only operation. By default,
provides its services to clients using either UDP or TCP as communications
protocol. When this option is present, only TCP connections are
Do not register with the portmapper. This will prevent other hosts from
finding out the port numbers used for the MOUNT and NFS services by
querying the portmap daemon. Clients
will need to manually specify the port numbers to use (on Linux clients,
mountport and port
Enable cluster extensions. This feature is only available when
was compiled with cluster support. When this option is enabled, so-called
tagged files are handled differently from normal files, making it possible
to serve different file contents to different clients for the same filename.
for a description of tagged files. This option causes a performance hit.
Limit the use of cluster extensions to a list of colon-seperated
directories. When this option is present, the performance hit caused by
clustering extensions only applies to the listed directories and their
Single user mode; activate basic uid translation. This option is
useful when the server and client are using different user and group
ids. All requests from the client will be served from the user id that started
no user id switching will take place (even if unfsd was started by
Ownership is reported as follows: files belonging to the user id
will look as if they are owned by the client's user. Other files will
look as if they are owned by root. The same principle applies to
Enable brute force file searching. Normally, when you rename a file
across several directories on an NFS volume, the filehandle for that
file becomes stale. When this option is enabled,
will attempt a recursive search on the relevant server filesystem to
find the file referenced by the filehandle. This can have a huge
performance impact as this will also happen for files that were
really deleted (by another NFS client) instead of moved, and cannot be found.
Bind to interface with specified address. The default is to bind to
all local interfaces.
Debug mode. When this option is present,
will not fork into the background at startup, and all messages that
would normally go to the system log go to stdout instead.
Report unreadable executables as readable. This applies both to
returned attributes and ACCESS requests. Please note that READ
requests for unreadable executables are always allowed, if
is running as root, regardless of this option.
Test exports file and exit. When this option is given,
will try to parse the exports file and exit with status 0 if this
is successful. If there is a syntax error in the exports file,
a message is printed on standard error and
exits with status 1.
SIGTERM and SIGINT
to unregister itself from the portmapper and exit.
to re-read its configuration data. Currently, this means the program
will query the
database to find out the user and group id of user
will also attempt to reload the exports file. If the exports file
sends a warning message to the system log and nothing is exported until
the situation is corrected and another
to output statistics about its filehandle and file descriptor cache
to the system log. For the filehandle cache, it will output the number
of filehandles in the cache, the total number of cache accesses, and the
number of hits and misses. For the file descriptor cache, it will output
the number of currently held open READ and WRITE file descriptors.
The exports file,
by default, determines which directories on the server can be accessed
from NFS clients. An example:
Comments start with a # character and cause the rest of the line to be
ignored. Extremely long exports can be split across multiple lines by
escaping the intermediate newlines with a backslash character.
Each line starts with a directory that is to be exported. If
the directory name contains whitespace, it must be enclosed in double
quotes. To the right of the directory name, a list of client
specifications can be given. If this list is missing, the directory
is exported to everyone, using default options
(ro and root_squash).
If the directory name contains symbolic links, they are expanded. This
means that you have to force
to reload the exports file if the symlinks happen to change.
Clients can be specified using either a hostname, an IP address, or
an IP network. Networks can be given by specifying the number of leading 1
bits in the netmask or by giving the full netmask. If the hostname is
empty, the directory is exported to everyone.
Options can follow a client specification and have to be enclosed
in parenthesis, with the opening paren directly following the client
name or address. If no options are given,
are enabled by default. The following options are supported by
Enable root squashing, mapping all NFS request done with a user id of
0 to the user id of the
user. This option is enabled by default.
Disable root squashing. When this option is present, NFS requests done
with a user id of 0 will be done as the
user of the server, effectively disabling all permissions checks.
Squash all users. When this option is present, all NFS requests will
be done as the
user of the server.
Don't squash all users. This option is enabled by default.
Allow read and write access on the exported directory. When this option
is present, clients are allowed to modify files and directories on
Allow only read access on the exported directory. When this option
is present, clients are not allowed to modify files and directories
on the server. This option is enabled by default.
Sets the uid and gid for anonymous mounts for this share - by default the
uid for nobody will be used, but using these options you can change this
on a per-share basis.
Allow only mount requests coming from a source port below 1024. Using
these ports requires super-user privileges on many operating systems.
This option is enabled by default.
Allow mount requests coming from any source port.
Consider this directory to be on a removable medium. When this option
will not keep files open across multiple read or write requests. This
allows unmounting of the underlying filesystem on the server at any time.
will not require that the exported path exists at startup or mount
time. If the path does not exist, an empty directory will be presented
to the client. This is useful for exporting mount points handled by
Consider this directory to be on a fixed medium. This options is enabled
by default and allows
to keep files open between multiple read or write requests.
To be able to mount this export, the specified password is
required. The password needs be given in the mount request,
as in "mount yourhost:@password:gazonk/tmp /mnt". One time passwords
are also supported. When using passwords, the file handles
will include a hash of the password. This means that
if you change the password, all clients will need to remount this export.
See the file "doc/passwords.txt" in the source for more information.
If options not present on this list are encountered by
they are silently ignored.
There are a few possible race conditions with other processes on the
server. They can happen if
is performing an operation on a filesystem object while another
process is simultaneously first (a) removing the object and then (b)
creating a new object of the same name. If this happens,
will attempt to perform the operation on the wrong, new object.
The time window in which this can happen is small.
When a client does a CREATE EXCLUSIVE procedure call,
stores the verifier data in the mtime and atime attributes of the
created file. Malicious processes on the server could manipulate
those attributes, breaking the semantics of the exclusive create
operation. A process attempting to do so would need to be able
to see the NFS network traffic.
unfsd always uses the "nohide" semantics, which means that clients
will see all file systems mounted below the exported path. However,
some NFS clients do not cope well with this situation as, for
instance, it is then possible for two files in the one apparent
filesystem to have the same inode number. To avoid this, make sure
that the client mounts each exported file system.
Due to the way
operates, it needs execute (lookup) and read permission on all directories
from the root directory all the way up to exported directories.
For example, if
is going to need permission for
/, /usr, and /usr/share.
Since root squashing can be in effect,
may run as the nobody user, which normally means having to grant
execute (lookup) and read permission for everybody on the server.
In the above example,
also needs permission to access
which can be different from
for some special setups (for example when using bind mounts under