xref: /illumos-gate/usr/src/man/man5/nfs.5 (revision ceaafe383f5fd593cad28cce64def973b6e60f53) 
1.\"
2.\" The contents of this file are subject to the terms of the
3.\" Common Development and Distribution License (the "License").
4.\" You may not use this file except in compliance with the License.
5.\"
6.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
7.\" or http://www.opensolaris.org/os/licensing.
8.\" See the License for the specific language governing permissions
9.\" and limitations under the License.
10.\"
11.\" When distributing Covered Code, include this CDDL HEADER in each
12.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
13.\" If applicable, add the following below this CDDL HEADER, with the
14.\" fields enclosed by brackets "[]" replaced with your own identifying
15.\" information: Portions Copyright [yyyy] [name of copyright owner]
16.\"
17.\"
18.\" Copyright 1989 AT&T
19.\" Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved.
20.\" Copyright 2016 Nexenta Systems, Inc.
21.\" Copyright 2020 Joyent, Inc.
22.\" Copyright 2022-2024 RackTop Systems.
23.\"
24.Dd March 23, 2024
25.Dt NFS 5
26.Os
27.Sh NAME
28.Nm nfs
29.Nd NFS configuration properties
30.Sh DESCRIPTION
31The behavior of the
32.Xr nfsd 8 ,
33.Xr nfsmapid 8 ,
34.Xr lockd 8 ,
35and
36.Xr mountd 8
37daemons and
38.Xr mount_nfs 8
39command is controlled by property values that are stored in the Service
40Management Facility, smf(7).
41The
42.Xr sharectl 8
43command should be used to query or change values for these properties.
44.Pp
45Changes made to
46.Nm
47property values on the
48.Nm nfsd ,
49.Nm lockd ,
50.Nm mountd ,
51or
52.Nm mount_nfs
53command line override the values set using
54.Xr sharectl 8 .
55.Pp
56The following list describes the properties:
57.Bl -tag -width Ds
58.It Xo
59.Sy client_versmin Ns = Ns Ar num
60.br
61.Sy client_versmax Ns = Ns Ar num
62.Xc
63The NFS client only uses NFS versions in the range specified by these
64properties.
65Valid values of versions are: 2, 3, and 4.
66Default minimum version is
67.Li 2 ,
68while default maximum is
69.Li 4 .
70.Pp
71You can override this range on a per-mount basis by using the
72.Fl o Sy vers Ns =
73option to
74.Xr mount_nfs 8 .
75.It Xo
76.Sy server_versmin Ns = Ns Ar num
77.br
78.Sy server_versmax Ns = Ns Ar num
79.Xc
80The NFS server only uses NFS versions in the range specified by these
81properties.
82Valid values of versions are: 2, 3, 4, 4.0, 4.1 and 4.2.
83Version 4 is an alias for 4.0.
84Default minimum version is
85.Li 2 ,
86while the default maximum version is
87.Li 4 .
88.It Sy server_delegation Ns = Ns Sy on Ns | Ns Sy off
89By default the NFS server provides delegations to clients.
90The user can turn off delegations for all exported filesystems by setting this
91variable to
92.Li off .
93This variable only applies to NFS Version 4.
94.It Sy nfsmapid_domain Ns = Ns Op Ar string
95By default, the
96.Nm nfsmapid
97uses the DNS domain of the system.
98This setting overrides the default.
99This domain is used for identifying user and group attribute strings in the NFS
100Version 4 protocol.
101Clients and servers must match with this domain for operation to proceed
102normally.
103This variable only applies to NFS Version 4.
104See
105.Sx Setting nfsmapid_domain
106below for further details.
107.It Sy max_connections Ns = Ns Ar num
108Sets the maximum number of concurrent, connection-oriented connections.
109The default is
110.Li -1
111.Pq unlimited .
112Equivalent to the
113.Fl c
114option in
115.Nm nfsd .
116.It Sy listen_backlog Ns = Ns Ar num
117Set connection queue length for the NFS over a connection-oriented transport.
118The default value is
119.Li 32 ,
120meaning 32 entries in the queue.
121Equivalent to the
122.Fl l
123option in
124.Nm nfsd .
125.It Sy protocol Ns = Ns Op Sy all Ns | Ns Ar protocol
126Start
127.Nm nfsd
128over the specified protocol only.
129Equivalent to the
130.Fl p
131option in
132.Nm nfsd .
133.Sy all
134is equivalent to
135.Fl a
136on the
137.Nm nfsd
138command line.
139Mutually exclusive of
140.Sy device .
141For the UDP protocol, only version 2 and version 3 service is established.
142NFS Version 4 is not supported for the UDP protocol.
143.It Sy device Ns = Ns Op Ar devname
144Start NFS daemon for the transport specified by the given device only.
145Equivalent to the
146.Fl t
147option in
148.Nm nfsd .
149Mutually exclusive of
150.Sy protocol .
151.It Sy servers Ns = Ns Ar num
152Maximum number of concurrent NFS requests.
153Equivalent to last numeric argument on the
154.Nm nfsd
155command line.
156The default is
157.Li 1024 .
158.It Sy lockd_listen_backlog Ns = Ns Ar num
159Set connection queue length for
160.Nm lockd
161over a connection-oriented transport.
162The default and minimum value is
163.Li 32 .
164.It Sy lockd_servers Ns = Ns Ar num
165Maximum number of concurrent
166.Nm lockd
167requests.
168The default is 256.
169.It Sy lockd_retransmit_timeout Ns = Ns Ar num
170Retransmit timeout, in seconds, before
171.Nm lockd
172retries.
173The default is
174.Li 5 .
175.It Sy grace_period Ns = Ns Ar num
176Grace period, in seconds, that all clients
177.Pq both NLM and NFSv4
178have to reclaim locks after a server reboot.
179This parameter also controls the NFSv4 lease interval.
180The default is
181.Li 90 .
182.It Sy mountd_listen_backlog Ns = Ns Ar num
183Set the connection queue length for
184.Nm mountd
185over a connection-oriented transport.
186The default value is
187.Li 64 .
188.It Sy mountd_max_threads Ns = Ns Ar num
189Maximum number of threads for
190.Nm mountd .
191The default value is
192.Li 16 .
193.It Sy mountd_port Ns = Ns Ar num
194The IP port number on which
195.Nm mountd
196should listen.
197The default value is
198.Li 0 ,
199which means it should use a default binding.
200.It Sy mountd_remote_dump Ns = Ns Ar boolean
201Should
202.Nm mountd
203respond to remote
204.Sy MOUNTPROC_DUMP
205queries to read the list of remote mounts.
206The default value is
207.Li false ,
208which means only queries from local host will be allowed.
209.It Sy statd_port Ns = Ns Ar num
210The IP port number on which
211.Nm statd
212should listen.
213The default value is
214.Li 0 ,
215which means it should use a default binding.
216.El
217.Ss Setting nfsmapid_domain
218As described above, the setting for
219.Sy nfsmapid_domain
220overrides the domain used by
221.Xr nfsmapid 8
222for building and comparing outbound and inbound attribute strings, respectively.
223This setting overrides any other mechanism for setting the NFSv4 domain.
224In the absence of a
225.Sy nfsmapid_domain
226setting, the
227.Xr nfsmapid 8
228daemon determines the NFSv4 domain as follows:
229.Bl -bullet
230.It
231If a properly configured
232.Pa /etc/resolv.conf
233.Po see
234.Xr resolv.conf 5
235.Pc
236exists,
237.Nm nfsmapid
238queries specified nameserver(s) for the domain.
239.It
240If a properly configured
241.Pa /etc/resolv.conf
242.Po see
243.Xr resolv.conf 5
244.Pc
245exists, but the queried nameserver does not have a proper record of the domain
246name,
247.Nm nfsmapid
248attempts to obtain the domain name through the BIND interface
249.Po see
250.Xr resolver 3RESOLV
251.Pc .
252.It
253If no
254.Pa /etc/resolv.conf
255exists,
256.Nm nfsmapid
257falls back on using the configured domain name
258.Po see
259.Xr domainname 8
260.Pc ,
261which is returned with the leading domain suffix removed.
262For example, for
263.Li widgets.sales.example.com ,
264.Li sales.example.com
265is returned.
266.It
267If
268.Pa /etc/resolv.conf
269does not exist, no domain name has been configured
270.Po or no
271.Pa /etc/defaultdomain
272exists
273.Pc ,
274.Nm nfsmapid
275falls back on obtaining the domain name from the host name, if the host name
276contains a fully qualified domain name
277.Pq FQDN .
278.El
279.Pp
280If a domainname is still not obtained following all of the preceding steps,
281.Nm nfsmapid
282will have no domain configured.
283This results in the following behavior:
284.Bl -bullet
285.It
286Outbound
287.Qq owner
288and
289.Qq owner_group
290attribute strings are encoded as literal id's.
291For example, the UID 12345 is encoded as
292.Li 12345 .
293.It
294.Nm nfsmapid
295ignores the
296.Qq domain
297portion of the inbound attribute string and performs name service lookups only
298for the user or group.
299If the user/group exists in the local system name service databases, then the
300proper uid/gid will be mapped even when no domain has been configured.
301.Pp
302This behavior implies that the same administrative user/group domain exists
303between NFSv4 client and server (that is, the same uid/gid's for users/groups
304on both client and server).
305In the case of overlapping id spaces, the inbound attribute string could
306potentially be mapped to the wrong id.
307However, this is not functionally different from mapping the inbound string to
308.Sy nobody ,
309yet provides greater flexibility.
310.El
311.Sh ZONES
312NFS can be served out of a non-global zone.
313All of the above documentation applies to an in-zone NFS server.
314File sharing in zones is restricted to filesystems a zone completely controls.
315Some zone brands (see
316.Xr brands 7 )
317do not give the zone's root its own filesystem, for example.
318Delegated ZFS datasets to a zone are shareable, as well as lofs-remounted
319directories.
320The zone must have sys_nfs privileges; most brands grant this already.
321.Sh SEE ALSO
322.Xr brands 7 ,
323.Xr smf 7 ,
324.Xr zones 7 ,
325.Xr lockd 8 ,
326.Xr mount_nfs 8 ,
327.Xr mountd 8 ,
328.Xr nfsd 8 ,
329.Xr nfsmapid 8 ,
330.Xr sharectl 8
331