HardenedBSD/contrib/amd/scripts/amd.conf.5
2007-12-07 20:16:21 +00:00

1099 lines
28 KiB
Groff

.\"
.\" Copyright (c) 1997-2006 Erez Zadok
.\" Copyright (c) 1990 Jan-Simon Pendry
.\" Copyright (c) 1990 Imperial College of Science, Technology & Medicine
.\" Copyright (c) 1990 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" This code is derived from software contributed to Berkeley by
.\" Jan-Simon Pendry at Imperial College, London.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgment:
.\" This product includes software developed by the University of
.\" California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" %W% (Berkeley) %G%
.\"
.\" $Id: amd.conf.5,v 1.39.2.5 2006/04/21 01:12:04 ezk Exp $
.\" $FreeBSD$
.\"
.Dd April 21, 2006
.Dt AMD.CONF 5
.Os
.Sh NAME
.Nm amd.conf
.Nd
.Xr amd 8
configuration file
.Sh SYNOPSIS
.Nm
.Sh DESCRIPTION
The
.Nm
file is the configuration file for
.Xr amd 8 ,
as part of the am-utils suite.
.Pp
The
.Nm
file
contains runtime configuration information for the
.Xr amd 8
automounter program.
.Sh FILE FORMAT
The file consists of sections and parameters.
A section begins with the
name of the section in square brackets and continues until the next section
begins or the end of the file is reached.
Sections contain parameters of the
form
.Dq Ar name No = Ar value .
.Pp
The file is line-based \[em] that is, each newline-terminated line represents
either a comment, a section name or a parameter.
No line-continuation
syntax is available.
.Pp
Section, parameter names and their values are case sensitive.
.Pp
Only the first equals sign in a parameter is significant.
Whitespace before
or after the first equals sign is discarded.
Leading, trailing and
internal whitespace in section and parameter names is irrelevant.
Leading
and trailing whitespace in a parameter value is discarded.
Internal
whitespace within a parameter value is not allowed, unless the whole
parameter value is quoted with double quotes as in
.Dq Ar name No = Qq Li "some\ value" .
.Pp
Any line beginning with a pound sign (#) is ignored, as are lines containing
only whitespace.
.Pp
The values following the equals sign in parameters are all either a string
(no quotes needed if string does not include spaces) or a boolean, which may
be given as
.Dq Li yes/no .
Case is significant in all values.
Some items such as
cache timeouts are numeric.
.Sh SECTIONS
.Ss "The [global] section"
Parameters in this section either apply to
.Nm amd
as a whole, or to all other
regular map sections which follow.
There should be only one global section
defined in one configuration file.
.Pp
It is highly recommended that this section be specified first in the
configuration file.
If it is not, then regular map sections which precede
it will not use global values defined later.
.Ss "Regular [/map] sections"
Parameters in regular (non-global) sections apply to a single map entry.
For example, if the map section
.Bq Pa /homes
is defined, then all parameters following it will be applied to the
.Pa /homes
.Nm amd Ns
-managed mount point.
.Sh PARAMETERS
.Ss "Parameters common to all sections"
These parameters can be specified either in the global or a map specific
section.
Entries specified in a map-specific section override the default
value or one defined in the global section.
If such a common parameter is
specified only in the global section, it is applicable to all regular map
sections that follow.
.Bl -tag -width 4n
.It Va browsable_dirs Pq string, default=no
If
.Dq Li yes ,
then
.Nm amd Ns 's
top-level mount points will be browsable to
.Xr readdir 3
calls.
This means you could run for example
.Xr ls 1
and see what keys are available to mount in that directory.
Not all entries
are made visible to
.Xr readdir 3 :
the
.Dq Li /default
entry, wildcard entries, and those with a
.Ql /
in them are not included.
If you specify
.Dq Li full
to this option, all but
.Dq Li /default
will be visible.
Note that if you run a command which will attempt to
.Xr stat 2
the entries, such as often done by
.Dq Li "ls -l"
or
.Dq Li "ls -F" ,
.Xr amd 8
will attempt to mount
.Em every
entry in that map.
This is often called a
.Dq "mount storm" .
.It Va map_defaults Pq string, default no empty
This option sets a string to be used as the map's /defaults entry,
overriding any /defaults specified in the map.
This allows local users to
override map defaults without modifying maps globally.
.It Va map_options Pq string, default no options
This option is the same as specifying map options on the command line to
.Xr amd 8 ,
such as
.Dq Li "cache:=all" .
.It Va map_type Pq string, default search all map types
If specified,
.Xr amd 8
will initialize the map only for the type given.
This is
useful to avoid the default map search type used by
.Xr amd 8
which takes longer
and can have undesired side-effects such as initializing
.Tn NIS
even if not
used.
Possible values are:
.Pp
.Bl -tag -width ".Cm nisplus" -compact
.It Cm exec
executable maps
.It Cm file
plain files
.It Cm hesiod
Hesiod name service from MIT
.It Cm ldap
Lightweight Directory Access Protocol
.It Cm ndbm
(New) dbm style hash files
.It Cm nis
Network Information Services (version 2)
.It Cm nisplus
Network Information Services Plus (version 3)
.It Cm passwd
local password files
.It Cm union
union maps
.El
.It Va mount_type Pq string, default=nfs
All
.Xr amd 8
mount types default to
.Tn NFS .
That is,
.Xr amd 8
is an
.Tn NFS
server on the
map mount points, for the local host it is running on.
If
.Dq Li autofs
is specified,
.Xr amd 8
will be an autofs server for those mount points.
.It Va autofs_use_lofs Pq string, default=yes
When set to
.Dq Li yes
and using Autofs,
.Xr amd 8
will use lofs-type (loopback) mounts
for type:=link mounts.
This has the advantage of mounting in place, and
users get to the see the same pathname that they chdir'ed into.
If this
option is set to
.Dq Li no ,
then
.Xr amd 8
will use symlinks instead: that code is more
tested, but negates autofs's big advantage of in-place mounts.
.It Va search_path Pq string, default no search path
This provides a (colon-delimited) search path for file maps.
Using a search
path, sites can allow for local map customizations and overrides, and can
query
distributed maps in several locations as needed.
.It Va selectors_in_defaults Pq boolean, default=no
If
.Dq Li yes ,
then the /defaults entry of maps will search for and process any
selectors before setting defaults for all other keys in that map.
Useful
when you want to set different options for a complete map based on some
parameters.
For example, you may want to better the NFS performance over
slow slip-based networks as follows:
.Bd -literal
/defaults \\
wire==slip-net;opts:=intr,rsize=1024,wsize=1024 \\
wire!=slip-net;opts:=intr,rsize=8192,wsize=8192
.Ed
Deprecated form: selectors_on_default
.El
.Ss "Parameters applicable to the global section only"
.Bl -tag -width 4n
.It Va arch Pq string, default to compiled in value
Same as the
.Fl A
option to
.Xr amd 8 .
Allows you to override the value of the
.Va arch
.Xr amd 8
variable.
.It Va auto_attrcache Pq numeric, default=0
Specify in seconds (or units of 0.1 seconds, depending on the OS), what is
the (kernel-side) NFS attribute cache timeout for
.Nm amd Ns 's
own automount
points.
A value of 0 is supposed to turn off attribute caching, meaning
that
.Xr amd 8
will be consulted via a kernel-RPC each time someone stat()'s
the mount point (which could be abused as a denial-of-service attack).
Warning: some OSs are incapable of turning off the NFS attribute cache
reliably.
On such systems,
.Nm amd
may not work reliably under heavy load.
See
the
.Pa README.attrcache
document in the Am-utils distribution for more details.
.It Va auto_dir Pq string, default= Ns Pa /a
Same as the
.Fl a
option to
.Xr amd 8 .
This sets the private directory where
.Nm amd
will create
sub-directories for its real mount points.
.It Va cache_duration Pq numeric, default=300
Same as the
.Fl c
option to
.Xr amd 8 .
Sets the duration in seconds that looked-up or mounted map
entries remain in the cache.
.It Va cluster Pq string, default no cluster
Same as the
.Fl C
option to
.Xr amd 8 .
Specifies the alternate
.Tn HP-UX
cluster to use.
.It Va debug_mtab_file Pq string, default= Ns Pa /tmp/mnttab
Path to mtab file that is used by
.Xr amd 8
to store a list of mounted
file systems during debug-mtab mode.
This option only applies
to systems that store mtab information on disk.
.It Va debug_options Pq string, default no debug options
Same as the
.Fl D
option to
.Xr amd 8 .
Specify any debugging options for
.Xr amd 8 .
Works only if
am-utils was configured for debugging using the
.Fl Fl enable-debug
option.
The
.Cm mem
option alone can be turned on via
.Fl Fl enable-debug Ns = Ns Cm mem .
Otherwise debugging options are ignored.
Options are
comma delimited, and can be preceded by the string
.Dq Li no
to negate their
meaning.
You can get the list of supported debugging options by running
.Nm amd Fl v .
Possible values are:
.Pp
.Bl -tag -width ".Cm xdrtrace" -compact
.It Cm all
all options
.It Cm amq
register for
.Xr amq 8
.It Cm daemon
enter daemon mode
.It Cm fork
fork server
.It Cm full
program trace
.It Cm info
info service specific debugging
(hesiod, nis, etc.)
.It Cm mem
trace memory allocations
.It Cm mtab
use local
.Pa ./mtab
file
.It Cm str
debug string munging
.It Cm test
full debug but no daemon
.It Cm trace
trace protocol and NFS mount arguments
.It Cm xdrtrace
trace XDR routines
.El
.It Va dismount_interval Pq numeric, default=120
Same as the
.Fl w
option to
.Xr amd 8 .
Specify, in seconds, the time between attempts to dismount
file systems that have exceeded their cached times.
.It Va domain_strip Pq boolean, default=yes
If
.Dq Li yes ,
then the domain
name part referred to by ${rhost} is stripped off.
This is
useful to keep logs and smaller.
If
.Dq Li no ,
then the domain name
part is left changed.
This is useful when using multiple domains with
the same maps (as you may have hosts whose domain-stripped name is
identical).
.It Va exec_map_timeout Pq numeric, default=10
The timeout in seconds that
.Xr amd 8
will wait for an executable map program before an answer is returned from
that program (or script).
This value should be set to as small as possible
while still allowing normal replies to be returned before the timer expires,
because during the time that the executable map program is queried,
.Xr amd 8
is essentially waiting and is thus not responding to any other queries.
.It Va forced_unmounts Pq boolean, default=no
If set to
.Dq Li yes ,
and the client OS supports forced or lazy unmounts, then
.Xr amd 8
will attempt to use them if it gets any of three serious error conditions
when trying to unmount an existing mount point or mount on top of one:
.Er EIO , ESTALE ,
or
.Er EBUSY .
.Pp
This could be useful to recover from serious conditions such as hardware
failure of mounted disks, or NFS servers which are down permanently, were
migrated, or changed their IP address.
Only
.Dq Li type:=toplvl
mounts hung with
.Er EBUSY
are forcibly unmounted using this option, which is useful to recover
from a hung
.Xr amd 8 ) .
.It Va full_os Pq string, default to compiled in value
The full name of the operating system, along with its version.
Allows you
to override the compiled-in full name and version of the operating system.
Useful when the compiled-in name is not desired.
For example, the full
operating system name on Linux comes up as
.Dq Li linux ,
but you can override it to
.Dq Li linux-2.2.5 .
.It Va fully_qualified_hosts Pq string, default=no
If
.Dq Li yes ,
.Xr amd 8
will perform RPC authentication using fully-qualified host names.
This is
necessary for some systems, and especially when performing cross-domain
mounting.
For this function to work, the
.Xr amd 8
variable ${hostd} is used, requiring that ${domain} not be null.
.It Va hesiod_base Pq string, default=automount
Specify the base name for hesiod maps.
.It Va karch Pq string, default to karch of the system
Same as the
.Fl k
option to
.Xr amd 8 .
Allows you to override the kernel-architecture of your
system.
Useful for example on Sun (Sparc) machines, where you can build one
.Nm amd
binary and run it on multiple machines, yet you want each one to get
the correct
.Va karch
variable set (for example, sun4c, sun4m, sun4u, etc.)
Note that if not
specified,
.Xr amd 8
will use
.Xr uname 3
to figure out the kernel architecture of
the machine.
.It Va ldap_base Pq string, default not set
Specify the base name for LDAP.
This often includes LDAP-specific
values such as country and organization.
.It Va ldap_cache_maxmem Pq numeric, default=131072
Specify the maximum memory
.Xr amd 8
should use to cache LDAP entries.
.It Va ldap_cache_seconds Pq numeric, default=0
Specify the number of seconds to keep entries in the cache.
.It Va ldap_hostports Pq string, default not set
Specify the LDAP host and port values.
.It Va ldap_proto_version Pq numeric, default=2
Specify the version of the LDAP protocol to use.
.It Va local_domain Pq string, default no sub-domain
Same as the
.Fl d
option to
.Xr amd 8 .
Specify the local domain name.
If this option is not given
the domain name is determined from the hostname by removing the first
component of the fully-qualified host name.
.It Va localhost_address Pq string, default to localhost or 127.0.0.1
Specify the name or IP address for
.Xr amd 8
to use when connecting the sockets
for the local NFS server and the RPC server.
This defaults to 127.0.0.1 or
whatever the host reports as its local address.
This parameter is useful on
hosts with multiple addresses where you want to force
.Xr amd 8
to connect to a
specific address.
.It Va log_file Pq string, default= Ns Pa /dev/stderr
Same as the
.Fl l
option to
.Xr amd 8 .
Specify a file name to log
.Xr amd 8
events to.
If the string
.Pa /dev/stderr
is specified,
.Xr amd 8
will send its events to the standard error file descriptor.
If the string
.Pa syslog
is given,
.Xr amd 8
will record its events with the system logger
.Xr syslogd 8 .
The default syslog facility used is
.Dv LOG_DAEMON .
If you
wish to change it, append its name to the log file name, delimited by a
single colon.
For example, if
.Pa logfile
is the string
.Dq Li syslog:local7
then
.Xr amd 8
will log messages via
.Xr syslog 3
using the
.Dv LOG_LOCAL7
facility (if it exists on the system).
.It Va log_options Pq string, default no logging options
Same as the
.Fl x
option to
.Xr amd 8 .
Specify any logging options for
.Xr amd 8 .
Options are comma
delimited, and can be preceded by the string
.Dq Li no
to negate their meaning.
The
.Dq Li debug
logging option is only available if am-utils was configured with
.Fl Fl enable-debug .
You can get the list of supported debugging and logging
options by running
.Nm amd Fl H .
Possible values are:
.Pp
.Bl -tag -width ".Cm warning" -compact
.It Cm all
all messages
.It Cm debug
debug messages
.It Cm error
non-fatal system errors
.It Cm fatal
fatal errors
.It Cm info
information
.It Cm map
map errors
.It Cm stats
additional statistical information
.It Cm user
non-fatal user errors
.It Cm warn
warnings
.It Cm warning
warnings
.El
.It Va map_reload_interval Pq numeric, default=3600
The number of seconds that
.Xr amd 8
will wait before it checks to see if any maps
have changed at their source (NIS servers, LDAP servers, files, etc.).
.Xr amd 8
will reload only those maps that have changed.
.It Va nfs_allow_any_interface Pq string, default=no
Normally
.Xr amd 8
accepts local NFS packets only from 127.0.0.1.
If this
parameter is set to
.Dq Li yes
then
.Xr amd 8
will accept local NFS packets from any
local interface; this is useful on hosts that may have multiple interfaces
where the system is forced to send all outgoing packets (even those bound to
the same host) via an address other than 127.0.0.1.
.It Va nfs_allow_insecure_port Pq string, default=no
Normally
.Xr amd 8
will refuse requests coming from unprivileged ports (i.e.\&
ports >= 1024 on Unix systems), so that only privileged users and the kernel
can send NFS requests to it.
However, some kernels (certain versions of
Darwin, MacOS X, and Linux) have bugs that cause them to use unprivileged
ports in certain situations, which causes
.Xr amd 8
to stop dead in its tracks.
This parameter allows
.Xr amd 8
to operate normally even on such systems, at the
expense of a slight decrease in the security of its operations.
If you see
messages like
.Dq Li "ignoring request from foo:1234, port not reserved"
in your
.Xr amd 8
log, try enabling this parameter and give it another go.
.It Va nfs_proto Pq string, default to trying version tcp then udp
By default,
.Xr amd 8
tries TCP and then UDP.
This option forces the overall
.Tn NFS
protocol used to TCP or UDP.
It overrides what is in the
.Xr amd 8
maps, and is
useful when
.Nm amd
is compiled with NFSv3 support that may not be stable.
With
this option you can turn off the complete usage of NFSv3 dynamically
(without having to recompile
.Nm amd )
until such time as NFSv3 support is
desired again.
.It Va nfs_retransmit_counter Pq numeric, default=11
Same as the
.Ar retransmit
counter
part of the
.Fl t Ar timeout.retransmit
option to
.Xr amd 8 .
Specifies the number of NFS retransmissions that the kernel will use to
communicate with
.Xr amd 8 .
.It Va nfs_retransmit_counter_udp Pq numeric, default=11
Same as the
.Va nfs_retransmit_counter
option, but for all UDP mounts only.
.It Va nfs_retransmit_counter_tcp Pq numeric, default=11
Same as the
.Va nfs_retransmit_counter
option, but for all TCP mounts only.
.It Va nfs_retransmit_counter_toplvl Pq numeric, default=11
Same as the
.Va nfs_retransmit_counter
option, but only for
.Nm amd Ns 's
top-level UDP mounts.
.It Va nfs_retry_interval Pq numeric, default=8
Same as the
.Ar timeout
interval
part of the
.Fl t Ar timeout.retransmit
option to
.Xr amd 8 .
Specifies the
.Tn NFS
timeout interval, in
.Em tenths
of seconds, between NFS/RPC retries (for UDP and TCP).
This is the value that the kernel will use to
communicate with
.Xr amd 8 .
.Pp
.Xr amd 8
relies on the kernel RPC retransmit mechanism to trigger mount retries.
The values of the
.Va nfs_retransmit_counter
and the
.Va nfs_retry_interval
parameters change the overall retry interval.
Too long an interval gives
poor interactive response; too short an interval causes excessive retries.
.It Va nfs_retry_interval_udp Pq numeric, default=8
Same as the
.Va nfs_retry_interval
option, but for all UDP mounts only.
.It Va nfs_retry_interval_tcp Pq numeric, default=8
Same as the
.It nfs_retry_interval
option, but for all TCP mounts only.
.It Va nfs_retry_interval_toplvl Pq numeric, default=8
Same as the
.It nfs_retry_interval
option, but only for
.Nm amd Ns 's
top-level UDP mounts.
.It Va nfs_vers Pq numeric, default to trying version 3 then 2
By default,
.Xr amd 8
tries version 3 and then version 2.
This option forces the
overall
.Tn NFS
protocol used to version 3 or 2.
It overrides what is in the
.Xr amd 8
maps, and is useful when
.Nm amd
is compiled with NFSv3 support that may not
be stable.
With this option you can turn off the complete usage of NFSv3
dynamically (without having to recompile
.Nm amd )
until such time as NFSv3
support is desired again.
.It Va nis_domain Pq string, default to local Tn NIS domain name
Same as the
.Fl y
option to
.Xr amd 8 .
Specify an alternative
.Tn NIS
domain from which to fetch the
.Tn NIS
maps.
The default is the system domain name.
This option is ignored if
.Tn NIS
support is not available.
.It Va normalize_hostnames Pq boolean, default=no
Same as the
.Fl n
option to
.Xr amd 8 .
If
.Dq Li yes ,
then the name referred to by
.Va ${rhost}
is normalized relative to the host database before being used.
The effect is
to translate aliases into
.Dq official
names.
.It Va normalize_slashes Pq boolean, default=yes
If
.Dq Li yes ,
then
.Xr amd 8
will condense all multiple
.Ql /
(slash) characters into
one and remove all trailing slashes.
If
.Dq Li no ,
then
.Xr amd 8
will not touch
strings that may contain repeated or trailing slashes.
The latter is
sometimes useful with SMB mounts, which often require multiple slash
characters in pathnames.
.It Va os Pq string, default to compiled in value
Same as the
.Fl O
option to
.Xr amd 8 .
Allows you to override the compiled-in name of the operating
system.
Useful when the built-in name is not desired for backward
compatibility reasons.
For example, if the build in name is
.Dq Li sunos5 ,
you can override it to
.Dq Li sos5 ,
and use older maps which were written with the
latter in mind.
.It Va osver Pq string, default to compiled in value
Same as the
.Fl o
option to
.Xr amd 8 .
Overrides the compiled-in version number of the operating
system.
Useful when the built in version is not desired for backward
compatibility reasons.
For example, if the build in version is
.Dq Li 2.5.1 ,
you can override it to
.Dq Li 5.5.1 ,
and use older maps that were written with
the latter in mind.
.It Va pid_file Pq string, default= Ns Pa /dev/stdout
Specify a file to store the process ID of the running daemon into.
If not
specified,
.Xr amd 8
will print its process ID onto the standard output.
Useful
for killing
.Xr amd 8
after it had run.
Note that the PID of a running
.Nm amd
can
also be retrieved via
.Nm amq Fl p .
This file is used only if the
.Va print_pid
option is on.
.It Va plock Pq boolean, default=yes
Same as the
.Fl S
option to
.Xr amd 8 .
If
.Dq Li yes ,
lock the running executable pages of
.Nm amd
into memory.
To improve
.Nm amd Ns 's
performance, systems that support the
.Xr plock 3
or
.Xr mlockall 2
call can lock the
.Nm amd
process into memory.
This way there is less chance that
the operating system will schedule, page out, and swap the
.Nm amd
process as needed.
This improves
.Nm amd Ns 's
performance, at the cost of reserving the
memory used by the
.Nm amd
process (making it unavailable for other processes).
.It Va portmap_program Pq numeric, default=300019
Specify an alternate Port-mapper RPC program number, other than the official
number.
This is useful when running multiple
.Nm amd
processes.
For example,
you can run another
.Xr amd 8
in
.Dq test
mode, without affecting the primary
.Nm amd
process in any way.
For safety reasons, the alternate program numbers that
can be specified must be in the range 300019-300029, inclusive.
The
.Xr amq 8
utility
has an option
.Fl P
which can be used to specify an alternate program number of an
.Nm amd
to contact.
In this way,
.Nm amq
can fully control any number of
.Nm amd
processes running on the same host.
.It Va preferred_amq_port Pq numeric, default=0
Specify an alternate Port-mapper RPC port number for
.Nm amd Ns 's
.Xr amq 8
service.
This is used for both UDP and TCP.
Setting this value to 0 (or
not defining it) will cause
.Xr amd 8
to select an arbitrary port number.
Setting the
.Xr amq 8
RPC service port to a specific number is useful in firewalled or NAT'ed
environments, where you need to know which port
.Xr amd 8
will listen on.
.It Va print_pid Pq boolean, default=no
Same as the
.Fl p
option to
.Xr amd 8 .
If
.Dq Li yes ,
.Nm amd
will print its process ID upon starting.
.It Va print_version Pq boolean, default=no
Same as the
.Fl v
option to
.Xr amd 8 ,
but the version prints and
.Nm amd
continues to run.
If
.Dq Li yes ,
.Nm amd
will print its version information string, which includes some
configuration and compilation values.
.It Va restart_mounts Pq boolean, default=no
Same as the
.Fl r
option to
.Xr amd 8 .
If
.Dq Li yes ,
.Nm amd
will scan the mount table to determine which file systems are currently
mounted.
Whenever one of these would have been auto-mounted,
.Nm amd
inherits it.
.It Va show_statfs_entries Pq boolean, default=no
If
.Dq Li yes ,
then all maps which are browsable will also show the number of
entries (keys) they have when
.Xr df 1
runs.
(This is accomplished by returning
non-zero values to the
.Xr statfs 2
system call.)
.It Va truncate_log Pq boolean, default=no
If
.Dq Li yes ,
then the log file (if it is a regular file), will be truncated
upon startup.
.It Va unmount_on_exit Pq boolean, default=no
If
.Dq Li yes ,
then
.Xr amd 8
will attempt to unmount all file systems which it knows
about.
Normally
.Nm amd
leaves all
(esp.\&
.Tn NFS )
mounted file systems intact.
Note that
.Nm amd
does not know about file systems mounted before it starts up,
unless the
.Va restart_mounts
option or
.Fl r
flag are used.
.It Va use_tcpwrappers Pq boolean, default=yes
If
.Dq Li yes ,
then
.Xr amd 8
will use the tcpd/libwrap tcpwrappers library
(if available) to control
access to
.Nm amd
via the
.Pa /etc/hosts.allow
and
.Pa /etc/hosts.deny
files.
.It Va vendor Pq string, default to compiled in value
The name of the vendor of the operating system.
Overrides the compiled-in
vendor name.
Useful when the compiled-in name is not desired.
For example,
most Intel based systems set the vendor name to
.Dq Li unknown ,
but you can set it to
.Dq Li redhat .
.El
.Ss "Parameters applicable to regular map sections"
.Bl -tag -width 4n
.It Va map_name Pq string, must be specified
Name of the map where the keys are located.
.It Va tag Pq string, default no tag
Each map entry in the configuration file can be tagged.
If no tag is
specified, that map section will always be processed by
.Xr amd 8 .
If it is
specified, then
.Nm amd
will process the map if the
.Fl T
option was given to
.Xr amd 8 ,
and the value given to that command-line option
matches that in the map section.
.El
.Sh EXAMPLES
Here is a real
.Xr amd 8
configuration I use daily.
.Bd -literal
# GLOBAL OPTIONS SECTION
[ global ]
normalize_hostnames = no
print_pid = no
restart_mounts = yes
auto_dir = /n
log_file = /var/log/amd
log_options = all
#debug_options = all
plock = no
selectors_in_defaults = yes
# config.guess picks up "sunos5" and I don't want to edit my maps yet
os = sos5
# if you print_version after setting up "os", it will show it.
print_version = no
map_type = file
search_path = /etc/amdmaps:/usr/lib/amd:/usr/local/AMD/lib
browsable_dirs = yes
# DEFINE AN AMD MOUNT POINT
[ /u ]
map_name = amd.u
[ /proj ]
map_name = amd.proj
[ /src ]
map_name = amd.src
[ /misc ]
map_name = amd.misc
[ /import ]
map_name = amd.import
[ /tftpboot/.amd ]
tag = tftpboot
map_name = amd.tftpboot
.Ed
.Sh SEE ALSO
.Xr hosts_access 5 ,
.Xr amd 8 ,
.Xr amq 8
.Pp
.Dq am-utils
.Xr info 1
entry.
.Rs
.%A Erez Zadok
.%B "Linux NFS and Automounter Administration"
.%O ISBN 0-7821-2739-8
.%I Sybex
.%D 2001
.Re
.Pp
.Pa http://www.am-utils.org/
.Rs
.%T Amd \- The 4.4 BSD Automounter
.Re
.Sh HISTORY
The
.Xr amd 8
utility first appeared in
.Bx 4.4 .
.Sh AUTHORS
.An Erez Zadok Aq ezk@cs.sunysb.edu ,
Computer Science Department, Stony Brook University, Stony Brook, New York, USA.
.Pp
Other authors and contributors to am-utils are listed in the
.Pa AUTHORS
file distributed with am-utils.