HardenedBSD/sbin/mount_nfs/mount_nfs.8
Joerg Wunsch cc75b131a6 Introduce a -N option that disables the use of reserved ports, now
that -P is on by default.  Remove do-nothing code in the -P case (but
leave the option itself for backward compatibility).

PR:	bin/4500
1997-10-19 16:40:01 +00:00

308 lines
10 KiB
Groff

.\" Copyright (c) 1992, 1993, 1994, 1995
.\" The Regents of the University of California. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by the University of
.\" California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)mount_nfs.8 8.3 (Berkeley) 3/29/95
.\"
.\" $Id: mount_nfs.8,v 1.9 1997/04/18 16:23:09 dfr Exp $
.\""
.Dd March 29, 1995
.Dt MOUNT_NFS 8
.Os BSD 4.4
.Sh NAME
.Nm mount_nfs
.Nd mount nfs file systems
.Sh SYNOPSIS
.Nm mount_nfs
.Op Fl 23KNPTUbcdilqs
.Op Fl D Ar deadthresh
.Op Fl I Ar readdirsize
.Op Fl L Ar leaseterm
.Op Fl R Ar retrycnt
.Op Fl a Ar maxreadahead
.Op Fl g Ar maxgroups
.Op Fl m Ar realm
.Op Fl o Ar options
.Op Fl r Ar readsize
.Op Fl t Ar timeout
.Op Fl w Ar writesize
.Op Fl x Ar retrans
.Ar rhost:path node
.Sh DESCRIPTION
The
.Nm mount_nfs
command
calls the
.Xr mount 2
system call to prepare and graft a remote nfs file system (rhost:path)
on to the file system tree at the point
.Ar node.
This command is normally executed by
.Xr mount 8 .
It implements the mount protocol as described in RFC 1094, Appendix A and
.%T "NFS: Network File System Version 3 Protocol Specification" ,
Appendix I.
.Pp
The options are:
.Bl -tag -width indent
.It Fl 2
Use the NFS Version 2 protocol (the default is to try version 3 first
then version 2).
.It Fl 3
Use the NFS Version 3 protocol.
.It Fl D
Used with NQNFS to set the
.Dq "dead server threshold"
to the specified number of round trip timeout intervals.
After a
.Dq "dead server threshold"
of retransmit timeouts,
cached data for the unresponsive server is assumed to still be valid.
Values may be set in the range of 1 - 9, with 9 referring to an
.Dq "infinite dead threshold"
(i.e. never assume cached data still valid).
This option is not generally recommended and is really an experimental
feature.
.It Fl I
Set the readdir read size to the specified value. The value should normally
be a multiple of DIRBLKSIZ that is <= the read size for the mount.
.It Fl K
Pass Kerberos authenticators to the server for client-to-server
user-credential mapping.
This requires that the kernel be built with the NFSKERB option.
(Refer to the INTERNET-DRAFT titled
.%T "Authentication Mechanisms for ONC RPC" ,
for more information.)
.It Fl L
Used with NQNFS to set the lease term to the specified number of seconds.
Only use this argument for mounts with a large round trip delay.
Values are normally in the 10-30 second range.
.It Fl N
Do
.Em not
use a reserved socket port number (see below).
.It Fl P
Use a reserved socket port number.
This flag is obsolete, and only retained for compatibility reasons.
Reserved port numbers are used by default now.
This is useful for mounting servers that require clients to use a
reserved port number on the mistaken belief that this makes NFS
more secure. (For the rare case where the client has a trusted root account
but untrustworthy users and the network cables are in secure areas this does
help, but for normal desktop clients this does not apply.)
.It Fl R
Set the retry count for doing the mount to the specified value.
.It Fl T
Use TCP transport instead of UDP.
This is recommended for servers that are not on the same LAN cable as
the client.
(NB: This is NOT supported by most non-BSD servers.)
.It Fl U
Force the mount protocol to use UDP transport, even for TCP NFS mounts.
(Necessary for some old BSD servers.)
.It Fl a
Set the read-ahead count to the specified value.
This may be in the range of 0 - 4, and determines how many blocks
will be read ahead when a large file is being read sequentially.
Trying a value greater than 1 for this is suggested for
mounts with a large bandwidth * delay product.
.It Fl b
If an initial attempt to contact the server fails, fork off a child to keep
trying the mount in the background.
Useful for
.Xr fstab 5 ,
where the filesystem mount is not critical to multiuser operation.
.It Fl c
For UDP mount points, do not do a
.Xr connect 2 .
This must be used for servers that do not reply to requests from the
standard NFS port number 2049.
.It Fl d
Turn off the dynamic retransmit timeout estimator.
This may be useful for UDP mounts that exhibit high retry rates,
since it is possible that the dynamically estimated timeout interval is too
short.
.It Fl g
Set the maximum size of the group list for the credentials to the
specified value.
This should be used for mounts on old servers that cannot handle a
group list size of 16, as specified in RFC 1057.
Try 8, if users in a lot of groups cannot get response from the mount
point.
.It Fl i
Make the mount interruptible, which implies that file system calls that
are delayed due to an unresponsive server will fail with EINTR when a
termination signal is posted for the process.
.It Fl l
Used with NQNFS and NFSV3 to specify that the \fBReaddirPlus\fR RPC should
be used.
This option reduces RPC traffic for cases such as
.Dq "ls -l" ,
but tends to flood the attribute and name caches with prefetched entries.
Try this option and see whether performance improves or degrades. Probably
most useful for client to server network interconnects with a large bandwidth
times delay product.
.It Fl m
Set the Kerberos realm to the string argument.
Used with the
.Fl K
option for mounts to other realms.
.It Fl o
Options are specified with a
.Fl o
flag followed by a comma separated string of options.
See the
.Xr mount 8
man page for possible options and their meanings.
The following NFS specific option is also available:
.Bl -tag -width indent
.It port=<port_number>
Use specified port number for NFS requests.
The default is to query the portmapper for the NFS port.
.El
.Pp
.Bl -tag -width "dumbtimerXX"
\fBHistoric \&-o options\fR
.Pp
Use of these options is deprecated, they are only mentioned here for
compatibility with historic versions of
.Nm mount_nfs .
.It bg
Same as
.Fl b .
.It conn
Same as
.Fl c .
.It dumbtimer
Same as
.Fl d .
.It intr
Same as
.Fl i .
.It kerb
Same as
.Fl K .
.It nfsv2
Same as
.Fl 2 .
.It nfsv3
Same as
.Fl 3 .
.It rdirplus
Same as
.Fl l .
.It mntudp
Same as
.Fl U .
.It resvport
Same as
.Fl P .
.It seqpacket
Same as
.Fl p .
.It nqnfs
Same as
.Fl q .
.It soft
Same as
.Fl s .
.It tcp
Same as
.Fl T.
.El
.It Fl q
Use the leasing extensions to the NFS Version 3 protocol
to maintain cache consistency.
This protocol Version 2, referred to as Not Quite Nfs (NQNFS),
is only supported by this updated release of NFS code.
(It is not backwards compatible with the release of NQNFS that went out on
4.4BSD-Lite. To interoperate with a 4.4BSD-Lite NFS system you will have to
avoid this option until you have had an opportunity to upgrade the NFS code
on all your 4.4BSD-Lite based systems.)
.It Fl r
Set the read data size to the specified value.
It should normally be a power of 2 greater than or equal to 1024.
This should be used for UDP mounts when the
.Dq "fragments dropped due to timeout"
value is getting large while actively using a mount point.
(Use
.Xr netstat 1
with the
.Fl s
option to see what the
.Dq "fragments dropped due to timeout"
value is.)
See the
.Fl w
option as well.
.It Fl s
A soft mount, which implies that file system calls will fail
after \fBRetry\fR round trip timeout intervals.
.It Fl t
Set the initial retransmit timeout to the specified value.
May be useful for fine tuning UDP mounts over internetworks
with high packet loss rates or an overloaded server.
Try increasing the interval if
.Xr nfsstat 1
shows high retransmit rates while the file system is active or reducing the
value if there is a low retransmit rate but long response delay observed.
(Normally, the -d option should be specified when using this option to manually
tune the timeout
interval.)
.It Fl w
Set the write data size to the specified value.
Ditto the comments w.r.t. the
.Fl r
option, but using the
.Dq "fragments dropped due to timeout"
value on the server instead of the client.
Note that both the
.Fl r
and
.Fl w
options should only be used as a last ditch effort at improving performance
when mounting servers that do not support TCP mounts.
.It Fl x
Set the retransmit timeout count for soft mounts to the specified value.
.El
.Sh SEE ALSO
.Xr mount 2 ,
.Xr unmount 2 ,
.Xr fstab 5 ,
.Xr mount 8
.Sh BUGS
Due to the way that Sun RPC is implemented on top of UDP (unreliable datagram)
transport, tuning such mounts is really a black art that can only be expected
to have limited success.
For clients mounting servers that are not on the same
LAN cable or that tend to be overloaded,
TCP transport is strongly recommended,
but unfortunately this is restricted to mostly 4.4BSD servers.