mirror of
https://git.openafs.org/openafs.git
synced 2025-01-21 16:30:15 +00:00
200 lines
10 KiB
HTML
200 lines
10 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
|
|
<HTML><HEAD>
|
|
<TITLE>Administration Reference</TITLE>
|
|
<!-- Begin Header Records ========================================== -->
|
|
<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID -->
|
|
<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30 -->
|
|
<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
|
|
<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
|
|
<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
|
|
</HEAD><BODY>
|
|
<!-- (C) IBM Corporation 2000. All Rights Reserved -->
|
|
<BODY bgcolor="ffffff">
|
|
<!-- End Header Records ============================================ -->
|
|
<A NAME="Top_Of_Page"></A>
|
|
<H1>Administration Reference</H1>
|
|
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf138.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf140.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
|
|
<P>
|
|
<H2><A NAME="HDRFS_EXPORTAFS" HREF="auarf002.htm#ToC_153">fs exportafs</A></H2>
|
|
<A NAME="IDX4796"></A>
|
|
<A NAME="IDX4797"></A>
|
|
<A NAME="IDX4798"></A>
|
|
<A NAME="IDX4799"></A>
|
|
<A NAME="IDX4800"></A>
|
|
<A NAME="IDX4801"></A>
|
|
<A NAME="IDX4802"></A>
|
|
<A NAME="IDX4803"></A>
|
|
<A NAME="IDX4804"></A>
|
|
<A NAME="IDX4805"></A>
|
|
<P><STRONG>Purpose</STRONG>
|
|
<P>Reports or sets whether the machine can export AFS to clients of other file
|
|
systems
|
|
<P><STRONG>Synopsis</STRONG>
|
|
<PRE><B>fs exportafs -type</B> <<VAR>exporter name</VAR>>
|
|
[<B>-start</B> <<VAR>start/stop translator (on | off)</VAR>>]
|
|
[<B>-convert</B> <<VAR>convert from afs to unix mode (on | off)</VAR>>]
|
|
[<B>-uidcheck</B> <<VAR>run on strict 'uid check' mode (on | off)</VAR>>]
|
|
[<B>-submounts</B> <<VAR>allow nfs mounts to subdirs of /afs/.. (on | off)</VAR>>]
|
|
[<B>-help</B>]
|
|
|
|
<B>fs exp -t</B> <<VAR>exporter name</VAR>>
|
|
[<B>-st</B> <<VAR>start/stop translator (on | off)</VAR>>]
|
|
[<B>-c</B> <<VAR>convert from afs to unix mode (on | off)</VAR>>]
|
|
[<B>-u</B> <<VAR>run on strict 'uid check' mode (on | off)</VAR>>]
|
|
[<B>-su</B> <<VAR>allow nfs mounts to subdirs of /afs/.. (on | off)</VAR>>]
|
|
[<B>-help</B>]
|
|
</PRE>
|
|
<P><STRONG>Description</STRONG>
|
|
<P>The <B>fs exportafs</B> command sets (if the <B>-start</B> argument
|
|
is provided) or reports (if it is omitted) whether the machine can reexport
|
|
the AFS filespace to clients of a non-AFS file system. To control
|
|
certain features of the translation protocol, use the following
|
|
arguments:
|
|
<UL>
|
|
<P><LI>To control whether the UNIX <B>group</B> and <B>other</B> mode
|
|
bits on an AFS file or directory are set to match the <B>owner</B> mode
|
|
bits when it is exported to the non-AFS file system, use the
|
|
<B>-convert</B> argument.
|
|
<P><LI>To control whether tokens can be placed in a credential structure
|
|
identified by a UID that differs from the local UID of the entity that is
|
|
placing the tokens in the structure, use the <B>-uidcheck</B>
|
|
argument. The most common use is to control whether issuers of the
|
|
<B>knfs</B> command can specify a value for its <B>-id</B> argument
|
|
that does not match their local UID on the NFS/AFS translator machine.
|
|
<P><LI>To control whether users can create mounts in the non-AFS filespace to an
|
|
AFS directory other than <B>/afs</B>, use the <B>-submounts</B>
|
|
argument.
|
|
</UL>
|
|
<P><STRONG>Options</STRONG>
|
|
<DL>
|
|
<P><DT><B>-type
|
|
</B><DD>Names the alternate file system to which to reexport the AFS
|
|
filespace. The only acceptable value is <B>nfs</B>, in lowercase
|
|
letters only.
|
|
<P><DT><B>-start
|
|
</B><DD>Enables the local machine to reexport the AFS filespace if the value is
|
|
<B>on</B>, or disables it if the value is <B>off</B>. Omit this
|
|
argument to report the current setting for all of the configurable
|
|
parameters.
|
|
<P><DT><B>-convert
|
|
</B><DD>Controls the setting of the UNIX <B>group</B> and <B>other</B>
|
|
mode bits on AFS files and directories exported to the non-AFS file
|
|
system. If the value is <B>on</B>, they are set to match the
|
|
<B>owner</B> mode bits. If the value is <B>off</B>, the bits
|
|
are not changed. If this argument is omitted, the default value is
|
|
<B>on</B>.
|
|
<P><DT><B>-uidcheck
|
|
</B><DD>Controls whether tokens can be placed in a credential structure identified
|
|
by a UID that differs from the local UID of the entity that is placing the
|
|
tokens in the structure.
|
|
<UL>
|
|
<P><LI>If the value is <B>on</B>, the UID that identifies the credential
|
|
structure must match the local UID.
|
|
<P>With respect to the <B>knfs</B> command, this value means that the
|
|
value of <B>-id</B> argument must match the issuer's local UID on the
|
|
translator machine. In practice, this setting makes it pointless to
|
|
include the <B>-id</B> argument to the <B>knfs</B> command, because
|
|
the only acceptable value (the issuer's local UID) is already used when
|
|
the <B>-id</B> argument is omitted.
|
|
<P>Enabling UID checking also makes it impossible to issue the <B>klog</B>
|
|
and <B> pagsh</B> commands on a client machine of the non-AFS file system
|
|
even though it is a system type supported by AFS. For an explanation,
|
|
see the reference page for the <B>klog</B> command.
|
|
<P><LI>If the value is <B>off</B> (the default), tokens can be assigned to a
|
|
local UID in the non-AFS file system that does not match the local UID of the
|
|
entity assigning the tokens.
|
|
<P>With respect to the <B>knfs</B> command, it means that the issuer can
|
|
use the <B>-id</B> argument to assign tokens to a local UID on the NFS
|
|
client machine that does not match his or her local UID on the translator
|
|
machine. (An example is assigning tokens to the MFS client
|
|
machine's local superuser <B>root</B>.) This setting allows
|
|
more than one issuer of the <B>knfs</B> command to make tokens available
|
|
to the same user on the NFS client machine. Each time a different user
|
|
issues the <B>knfs</B> command with the same value for the <B>-id</B>
|
|
argument, that user's tokens overwrite the existing ones. This can
|
|
result in unpredictable access for the user on the NFS client machine.
|
|
</UL>
|
|
<P><DT><B>-submounts
|
|
</B><DD>Controls whether a user of the non-AFS filesystem can mount any directory
|
|
in the AFS filespace other than the top-level <B>/afs</B>
|
|
directory. If the value is <B>on</B>, such submounts are
|
|
allowed. If the value is off, only mounts of the <B>/afs</B>
|
|
directory are allowed. If this argument is omitted, the default value
|
|
is <B>off</B>.
|
|
<P><DT><B>-help
|
|
</B><DD>Prints the online help for this command. All other valid options
|
|
are ignored.
|
|
</DL>
|
|
<P><STRONG>Output</STRONG>
|
|
<P>If the machine is not even configured as a server of the non-AFS file
|
|
system, the following message appears:
|
|
<PRE> Sorry, the <VAR>file_system</VAR>-exporter type is currently not supported on
|
|
this AFS client
|
|
|
|
</PRE>
|
|
<P>If the machine is configured as a server of the non-AFS file system but is
|
|
not currently enabled to reexport AFS to it (because the <B>-start</B>
|
|
argument to this command is not set to <B>on</B>), the message is as
|
|
follows:
|
|
<PRE> '<VAR>file_system</VAR>' translator is disabled
|
|
|
|
</PRE>
|
|
<P>If the machine is enabled to reexport AFS, the following message precedes
|
|
messages that report the settings of the other parameters.
|
|
<PRE> '<VAR>file_system</VAR>' translator is enabled with the following options:
|
|
|
|
</PRE>
|
|
<P>The following messages indicate that the <B>-convert</B> argument is
|
|
set to <B>on</B> or <B>off</B> respectively:
|
|
<PRE> Running in convert owner mode bits to world/other mode
|
|
Running in strict unix mode
|
|
|
|
</PRE>
|
|
<P>The following messages indicate that the <B>-uidcheck</B> argument is
|
|
set to <B>on</B> or <B>off</B> respectively:
|
|
<PRE> Running in strict 'passwd sync' mode
|
|
Running in no 'passwd sync' mode
|
|
|
|
</PRE>
|
|
<P>The following messages indicate that the <B>-submounts</B> argument is
|
|
set to <B>on</B> or <B>off</B> respectively:
|
|
<PRE> Allow mounts of /afs/.. subdirs
|
|
Only mounts to /afs allowed
|
|
|
|
</PRE>
|
|
<P><STRONG>Examples</STRONG>
|
|
<P>The following example shows that the local machine can export AFS to NFS
|
|
client machines.
|
|
<PRE> % <B>fs exportafs nfs</B>
|
|
'nfs' translator is enabled with the following options:
|
|
Running in convert owner mode bits to world/other mode
|
|
Running in no 'passwd sync' mode
|
|
Only mounts to /afs allowed
|
|
|
|
</PRE>
|
|
<P>The following example enables the machine as an NFS server and converts the
|
|
UNIX <B>group</B> and <B>other</B> mode bits on exported AFS
|
|
directories and files to match the UNIX <B>owner</B> mode bits.
|
|
<PRE> % <B>fs exportafs -type nfs -start on -convert on</B>
|
|
|
|
</PRE>
|
|
<P>The following example disables the machine from reexporting AFS to NFS
|
|
client machines:
|
|
<PRE> %<B> fs exportafs -type nfs -start off</B>
|
|
|
|
</PRE>
|
|
<P><STRONG>Privilege Required</STRONG>
|
|
<P>The issuer must be logged in as the local superuser <B>root</B>.
|
|
<P><STRONG>Related Information</STRONG>
|
|
<P><A HREF="auarf200.htm#HDRKLOG">klog</A>
|
|
<P><A HREF="auarf201.htm#HDRKNFS">knfs</A>
|
|
<P>
|
|
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf138.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf140.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
|
|
<!-- Begin Footer Records ========================================== -->
|
|
<P><HR><B>
|
|
<br>© <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A> All Rights Reserved
|
|
</B>
|
|
<!-- End Footer Records ============================================ -->
|
|
<A NAME="Bot_Of_Page"></A>
|
|
</BODY></HTML>
|