jimzah/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src.git synced 2024-11-28 15:32:45 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Delete the descriptions of the gssname and allgssname optionss from

Browse Source 
mount_nfs.8 since these options are not implemented in FreeBSD8.
This is content change for the man page.

Approved by:	re (kensmith), kib (mentor)
This commit is contained in:
Rick Macklem 2009-07-29 14:44:09 +00:00
parent f0be0a1f8c
commit ef89cb79cc
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=195942
1 changed files with 1 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
sbin/mount_nfs/mount_nfs.8
View File

@ -28,7 +28,7 @@
.\" @(#)mount_nfs.8 8.3 (Berkeley) 3/29/95
.\" $FreeBSD$
.\"
.Dd February 11, 2008
.Dd July 28, 2009
.Dt MOUNT_NFS 8
.Os
.Sh NAME
@ -132,47 +132,6 @@ short.
.It Cm fg
Same as not specifying
.Cm bg .
.It Cm gssname Ns = Ns Aq Ar name
For the RPCSEC_GSS security flavors, such as krb5, krb5i and krb5p when being
used for an NFSv4 mount, this option specifies the host based principal
name to be used for the state related operations SetClientID,
SetClientIDConfirm, ReleaseLockOwner and Renew.
It is also used for other operations, such as Getattr for
.Xr statfs 2
information and during open/lock state recovery.
An entry for this principal must exist
in the client machine's default keytab file.
If possible, the keytab entry should be created using DES_CBC_CRC
encryption. If another encryption algorithm is used, the sysctl variable
.Va vfs.newnfs.keytab_enctype
must be set to the numeric value representing that encryption algorithm.
(The numeric values can be found in /usr/include/krb5_asn1.h. Look
for constants named ETYPE_xxx.)
If this option is given
as a name without an ``@<client-fqdn>'', such as ``root'' or ``nfs'',
``@<client-fqdn>'' will be appended to it.
.sp
If this option is not specified
for NFSv4 mounts using krb5[ip], the above operations will be done using the
user principal for the user that performed the mount. This
only works for mounts done by a user other than ``root'' and the user must
have a valid TGT in their credentials cache at the time the mount is done.
(Setting the
.Va vfs.usermount
to non-zero will allow users to do mounts.)
Because the user's TGT is used to acquire credentials for these operations,
it is important that that user's TGT does not expire before
.Xr umount 8
is done.
.It Cm allgssname
This option can be used along with
.Cm gssname
to indicate that all accesses to the mount point are to be done using
the host based principal specified by the
.Cm gssname
option.
This might be useful for nfsv4 mounts using sec=krb5[ip] that are being accessed
by batch utilities over long periods of time.
.It Cm hard
Same as not specifying
.Cm soft .